I'm planning to buy one, but it's a shame you can't use them on all important sites. Seems like it's mostly Google, Facebook and Microsoft that support them. Also, as long as you can still log-in to those sites via other options like password or SMS, hackers can still bypass security keys.
Not so with Google. They have set it up so that the 2nd factor can be a security key; and only a security key (no SMS, phone number, email, authenticator needed to be registered). Hopefully other sites will follow.
You register your 'backup' security key as well on the account. So if your primary key is lost, stolen, broken, etc, you use your backup key to login.
OK cool, I didn't know about this. I believe Twitter also supports this option. I hope in the future online banks and brokers will also adopt it. Yes good point, it's always handy to buy at least 2 of these security keys.
Bank of America starts to make use of Security Keys. A number of Bitcoin websites have adapted SKs too. Lets hope more financial institutions start making use of security keys. USB Security Key (bankofamerica.com)
Awesome stuff, more banks should implement it, and it should work on all devices. They are making loads of money on the stock market so I'm sure they can invest a bit more into website security.
Google gives out 10,000 security keys Google gives security keys to 10,000 high-risk users (yahoo.com) There are other articles covering this as well.
Twitter employees now required to use security keys. Google implemented this a while ago. Security keys now mandatory for Twitter employees | Securiwiser
There aren't to many manufactures out there. A lot of reviews as well. The Best USB Security Keys for 2021 | Digital Trends You can't go wrong with any of them in the review above.