Want to set up two-factor authentication (2FA) using a YubiKey?
A YubiKey is a USB device that generates a unique passcode every time you touch or tap a button while it is plugged in.
A YubiKey is considered to be one of the most secure tools for two-factor authentication.
Security: OTPs (one-time passwords) generated by a YubiKey are significantly longer than those from an authenticator app (32 characters vs 6 or 8 characters), which means a higher level of security.
Harder to lose: We see a lot of lost-phone tickets at Kraken Support. In our experience, clients are less likely to lose a device specifically used for 2FA than a phone that is carried around all the time.
Privacy: Even if you lose your YubiKey, it has no identifiable information about what it is used for or who it belongs to. In contrast, an authenticator app mentions the website name and some identifiable account information because the passcode needs to be manually read by a human (this can be changed or removed, but most people keep the defaults).
Future improvements: With the U2F protocol (coming soon to Kraken), YubiKey binds client sign-in to the original website’s URL. Only the real site can authenticate with the key. This means that while you may be tricked into thinking a website is real, the YubiKey won’t reveal your credentials.
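The origin binding described above can be modelled in a few lines. This is an added example, not Kraken's or Yubico's code: a simplified token in which HMAC stands in for the ECDSA signature a real U2F key produces. The class, function names and both origins are constructed for illustration.

```python
import hashlib, hmac, json, os

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

class ToyU2FKey:
    """Simplified token model: HMAC stands in for the ECDSA signature of real U2F."""
    def __init__(self):
        self._secret = os.urandom(32)          # never leaves the device

    def register(self, app_param: bytes):
        nonce = os.urandom(16)
        site_key = mac(self._secret, b"key" + app_param + nonce)
        handle = nonce + mac(self._secret, b"handle" + app_param + nonce)
        return handle, site_key                # real U2F returns a public key here

    def sign(self, app_param: bytes, handle: bytes, client_data_hash: bytes):
        nonce, tag = handle[:16], handle[16:]
        # The handle only validates for the site it was registered with.
        if not hmac.compare_digest(tag, mac(self._secret, b"handle" + app_param + nonce)):
            return None
        site_key = mac(self._secret, b"key" + app_param + nonce)
        return mac(site_key, app_param + client_data_hash)

def browser_sign(key, page_origin, handle, challenge):
    # The browser, not the page, fills in the origin it actually loaded.
    client_data = json.dumps({"challenge": challenge, "origin": page_origin}).encode()
    return client_data, key.sign(sha256(page_origin.encode()), handle, sha256(client_data))

def server_verify(origin, site_key, challenge, client_data, sig):
    fields = json.loads(client_data)
    if sig is None or fields["origin"] != origin or fields["challenge"] != challenge:
        return False
    expected = mac(site_key, sha256(origin.encode()) + sha256(client_data))
    return hmac.compare_digest(sig, expected)

def demo():
    real, lookalike = "https://exchange.example", "https://exchange-login.example"  # constructed
    key = ToyU2FKey()
    handle, site_key = key.register(sha256(real.encode()))
    genuine = browser_sign(key, real, handle, "c-123")
    phished = browser_sign(key, lookalike, handle, "c-123")  # same challenge, wrong origin
    return (server_verify(real, site_key, "c-123", *genuine),
            phished[1],
            server_verify(real, site_key, "c-123", *phished))

if __name__ == "__main__":
    print(demo())
```

On the lookalike origin the token returns no signature at all, so there is nothing for the real site to accept, which is the property a typed-in OTP lacks.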