Skip to main content Link Search Menu Expand Document (external link)

Security Keys

There are several best practices to follow when using USB hardware security keys:

  • Keep your security key safe and secure: It is important to keep your security key in a safe place when it is not in use to prevent it from being lost or stolen. Consider using a physical lock or a secure location to store your security key, such as a safe or a locked drawer.

  • Use a strong, unique password: When setting up your security key, make sure to use a strong and unique password that is not used for any other accounts. A strong password should be at least 8 characters long and contain a mix of upper and lower case letters, numbers, and special characters. Avoid using easily guessable passwords, such as “password” or “123456”, and do not use the same password for multiple accounts.

  • Keep your security key up to date: Many security keys have the ability to receive firmware updates to fix security vulnerabilities or add new features. Make sure to check for and install any available updates regularly to ensure that your security key is running the most current version.

  • Use a security key with two-factor authentication: Two-factor authentication (2FA) adds an extra layer of security to your accounts by requiring a second form of authentication in addition to your password. Using a security key for 2FA can help protect your accounts from unauthorized access, as it requires someone to have both your password and your physical security key in order to log in to your account.

  • Protect your security key from physical damage: It is important to handle your security key with care to prevent it from being damaged. Avoid dropping it or exposing it to extreme temperatures, as this can prevent it from functioning properly.

  • Use a security key from a reputable manufacturer: Choose a security key from a reputable manufacturer that has a good track record of producing high-quality, secure products. Research different brands and read reviews to help determine which security key is right for you.

  • Use a security key with a trusted device: Some security keys only work with certain devices, such as computers or smartphones. Make sure to use your security key with a device that you trust and that has up-to-date security measures in place, such as a strong password and the latest operating system updates.

  • Keep your security key separate from your computer: It is generally a good idea to keep your security key separate from your computer, as this can help prevent unauthorized access to your accounts if your computer is lost or stolen. Consider carrying your security key with you or storing it in a separate location from your computer when not in use.

  • Plan for the possibility of your key being lost or damaged: It is important to have a plan in place in case your security key is lost or damaged. This might include having a backup security key or using an alternative form of two-factor authentication, such as a code sent to your phone. If you do lose your security key, make sure to change the passwords for any accounts that were protected by it as soon as possible to prevent unauthorized access.