Updated March 2023
Header Image
Why trust BestReviews?
BestReviews spends thousands of hours researching, analyzing, and testing products to recommend the best picks for most consumers. We only make money if you purchase a product through our links, and all opinions about the products are our own. Read more  
BestReviews spends thousands of hours researching, analyzing, and testing products to recommend the best picks for most consumers. We only make money if you purchase a product through our links, and all opinions about the products are our own. Read more  
BestReviews spends thousands of hours researching, analyzing, and testing products to recommend the best picks for most consumers. We buy all products with our own funds, and we never accept free products from manufacturers.Read more 
Bottom line
Best of the Best
Yubico YubiKey 5 Nano
YubiKey 5 Nano
Check Price
Extremely Secure
Bottom Line

A top-performing, versatile security key by a trusted name in the industry. If you are looking for the best protection available, the YubiKey 5 Nano is the one to buy.


Works with numerous apps, protocols, and popular online platforms for optimal security. Can be left in your computer, and doesn't stick out significantly from the USB slot like some other models.


It's very small and easy to lose; but it's also extremely durable. A few faulty keys have been reported. Price falls on the high end of the scale.

Best Bang for the Buck
Thetis FIDO U2F Security Key
FIDO U2F Security Key
Check Price
Best for Tight Budgets
Bottom Line

If you’re new to multi-factor authentication or just need a quick and cheap option, the Thetis security key is an easy-to-use choice.


The built-in protective lid is perfect for making sure it doesn’t get damaged. The included hook for use on a keychain makes it easy to take anywhere.


Design is somewhat bulky.

Yubico YubiKey 5 NFC Two-Factor Authentication
YubiKey 5 NFC Two-Factor Authentication
Check Price
Mid-level Option
Bottom Line

The YubiKey 5 has a tough build and offers excellent protection. It's not the most streamlined security key by Yubico, but this is a minor concern.


It’s waterproof and crush-resistant, so it does a great job withstanding wear and tear. Mid-range price, yet it works similarly to the brand's 5 Nano model.


The unit sticks out quite a bit from most USB slots, which can be awkward. Some issues with the setup process noted.

Only key FIDO2 U2F Security Key
Only key
FIDO2 U2F Security Key
Check Price
Added Security
Bottom Line

A mid-priced key with a built-in pin pad for additional security in case the key is lost or stolen.


A popular option that is both easy-to-use for beginners and highly functional. Features 12 slots for storing passwords. Comes with a convenient silicone cover.


The pin pad buttons do not always work as intended.

Yubico Yubikey 5C Two-Factor Authentication USB Security Key
Yubikey 5C Two-Factor Authentication USB Security Key
Check Price
Unique Design
Bottom Line

An option for those with devices that feature USB-C ports. Small without being easy to lose.


A simple, compact model that is designed to be carried on a keychain. The USB-C design can help to free up a USB port. Works well with Windows, Mac, and Android devices.


Not all sites support Yubikey. Setup can be challenging.


We recommend these products based on an intensive research process that's designed to cut through the noise and find the top products in this space. Guided by experts, we spend hours looking into the factors that matter, to bring you these selections.

Category cover

Buying guide for best security keys

Web security can be a scary thing. As we move more and more of our personal information into the cloud for convenience, it becomes increasingly important to make sure that our data is secure.

Unfortunately, a password is no longer enough. Sophisticated attacks and unexpected data breaches are so commonplace now that if you want to stay safe, you’ll need to take additional measures. Thankfully, the web security industry has created a new standard that anyone can use to protect their online accounts from unwanted intrusions: two-factor authentication (often referred to as 2FA).

Two-factor authentication creates another safeguard beyond your password. In a 2FA transaction, after entering your username and password, you’re prompted to confirm the access request through a different medium. For example, many banks use SMS-based 2FA, and text you a numeric code to enter to access your account after you’ve entered your password. In other cases, users can use smartphone apps as a second-factor device, so they can confirm logins with a single tap.

The most secure form of two-factor authentication is with a separate physical device, and the gadgets dedicated to the task are known as security keys.

Content Image
Phone-based passcodes are another form of multi-factor authentication. Once you log in, a series of numbers is sent to your phone that you must enter after your password to gain access. Security keys are considered superior and more secure because they verify transactions over the internet, whereas phone-based passcodes do so over landlines, which are much easier to hack.

Using a security key to protect your online accounts

Security keys work with hundreds of online account services, including Google’s Gmail, Facebook, Twitter, and Dropbox. The setup process for each will vary slightly, but in each case, you’ll need to research how to set up two-factor authentication and follow the provided instructions. Once you’ve successfully registered your security key as a second-factor device for your login, here is how logins work:

  1. Enter your username and password, as always. This part stays the same, but it’s still important to remember the best practices of passwords: never use the same password on more than one account; use a random string of letters, numbers, and characters as your password whenever possible; and change all of your passwords regularly.

  2. Insert your security key into an open USB port. Any open port on your computer will do.

  3. Tap the security key to confirm your access request. Each security key has a physical sensor that’s waiting for you to tap it in order to get access. By tapping your security key, you’re essentially saying, “Yes, I confirm this is me.”

That’s it! With a security key, you’ve got an added layer of security – people with your password won’t be able to get in – and the only extra step is a single tap.

Content Image
Did you know?
Some in the web security industry refer to security keys as U2F devices, which stands for Universal Second Factor. While the terminology may differ based on context, in reality, they’re the same thing.

Security key prices

Security keys aren’t super expensive, but they’re not all the same. Keep these price ranges in mind as you’re comparing models.

Inexpensive: You’ll find some good options for basic protection between $15 and $29. Models in this price range are a little flimsy and are sometimes missing bonus features like support for Smart Card networks. If you’re only protecting a handful of accounts, a cheaper model will suffice, but given that better models are only a few dollars more, it might be worth it to spring for a better one.

Mid-range: The best values in security keys fall between $30 and $49. Security keys in this price range are made with higher-quality materials, so they’re less likely to get scratched (and they work based on an exposed copper connection, so durability matters). Most users won’t need to spend more than $50 to get a security key that will function for years to come.

Expensive: You’ll encounter overpriced security keys costing between $50 and $75 that don’t offer anything more than other models, and they can sometimes be dangerous copycats. Some manufacturers rely on consumers thinking that more expensive models must be of higher quality, but that is definitely not the case with security keys.

Content Image
Expert Tip
As a further measure against identity theft, consider signing up with a credit monitoring service. These services alert you whenever someone tries to use your social security number, so you can short-circuit identity theft attempts.


  • Use a password management service, and use only randomly generated passwords. This will help keep your online accounts even more secure. Don’t count on your brain to remember all of your passwords – there’s an app for that. Third-party password manager services like LastPass, Dashlane, or 1Password allow you to access your passwords when you need them with one master password. That’s not as scary as it sounds: you can use a security key to protect your password manager, and most password managers have built-in password generators, so you can update your existing passwords so they’re not guessable.

  • Buy a security key that matches your computer’s USB ports. Security keys are designed to occupy an available USB port on your computer, but USB standards are changing, so it’s important to verify compatibility before you buy. Most laptop and desktop computers have USB 2.0 or USB 3.0 ports, which have been the standard for years, but they’re slowly giving way to USB 3.1 ports, which use a completely different form factor. Before you start shopping, confirm if you’ll be using your security key in a USB 2.0, USB 3.0, or USB 3.1 port.

  • Update your critical passwords at least once every six months. And update your less important passwords at least once a year. Keeping your online accounts secure will always be an ongoing effort, so it’s important to never think of yourself as “done” with your safety efforts. To protect yourself from breaches or anyone else who may know your passwords, update them on a regular basis.
Content Image
A single security key can work with multiple accounts, so there’s no need to buy more than one.


Q. What’s the difference between a security key and a fingerprint reader?

A. Both security keys and fingerprint readers are devices that require physical contact in order to give you access to an account, but the similarities end there. A fingerprint reader stores a copy of your fingerprint on your local machine, and then verifies that your finger is a match every time you log in. Fingerprint readers are used almost exclusively to give users physical access to their computers, while security keys are used with web services and online accounts. A security key relies on the user to tap it, and while it will accept a tap from anyone, it verifies access in the cloud.

Q. What happens if my security key gets lost, stolen, or damaged?

A. Most web services that support security keys will provide you with a set of backup codes during your initial set up. Backup codes are for instances when your security key isn’t available, so it’s important to keep them safe. If you lose access to your backup codes, you’ll need to go through access verification with the service in question – most will make you go through a lengthy process to prove who you are, but they can eventually restore your access.

Q. Can I use a security key with my computer login?

A. Yes. Many security key manufacturers, including Yubikey, make security keys that work with both the Windows 10 operating system and Apple’s OS X operating system, so you can make sure that no one is logging into your computer that shouldn’t be. To learn more, visit your security key manufacturer’s website.

Our Top Picks