U2F Security Keys
{% include cardv2.html
title="SoloKeys"
image="/assets/img/png/3rd-party/solokey.png"
description='The SoloKey is the "first open-source FIDO2 security key", available in both USB-A and USB-C variants with optional NFC capability for mobile devices. It is less feature-rich compared to the YubiKey 5 lineup, but at $20 it is a great starting point for securing your accounts, or backup U2F authenticator.'
website="https://solokeys.com/"
github="https://github.com/solokeys"
%}
{% include cardv2.html
title="YubiKey 5"
badges="info:Upgrade Pick"
image="/assets/img/png/3rd-party/yubikey-5c.png"
description='The YubiKey 5 is a multi-protocol security key, providing strong two-factor, multi-factor and passwordless authentication, and seamless touch-to-sign. It supports FIDO2, FIDO U2F, one-time password (OTP), and OpenPGP smart card functionality. It is available in a variety of form factors for desktop or laptop.'
website="https://www.yubico.com/products/yubikey-5-overview/"
github="https://github.com/yubico"
%}
Worth Mentioning
- OnlyKey - Another open-source option, OnlyKey supports TOTP codes, YubiKey compatible OTP, and U2F, making it very compatible with most websites. It also has a hardware PIN lock in case the device is lost or stolen. We would like to see GPG smart card support and a variety of form factors (USB-C, NFC) before recommending it for general use.
- Nitrokey - A variety of security key products for different workloads. All Nitrokey products are open-source and customizable. The firmware and hardware have been independently assessed by Cure53 in 2015. We have found that there is no best overall product (the Pro 2 lacks Curve25519 while the lower-end Start supports it, for example) and they are lacking a variety of form factors such as USB-C and NFC that would be more convenient for many users.