Eliminate Phishing Attacks And Account Takeovers With SafeKey's Powerful Two-Factor Authentication.
Two-factor authentication (2FA) is currently the most common way to secure your online accounts from unauthorized access. A well known example is that in addition to your username and password, you also have to generate a code (a Time-based One-Time Password, or TOTP) with an app on your phone or computer in order to login.
Most of the big websites and about half of all companies have integrated two-factor authentication into their authentication process.
But beware: numerous publicly known cases show that even these methods of two-factor authentication are hackable.
Thanks to strong cryptography, SafeKey supports a better and more secure method of two-factor authentication. It’s so secure that your online accounts remain protected even if your password gets stolen.
SafeKey operates as an extra, physical, security layer, which makes it impossible for hackers to get access to your data from a distance and over the internet.Get your SafeKey Introduction to SafeKey
What Is Two-Factor Authentication?
Two-Factor Authentication (2FA) aims to protect you against hackers and phishing attacks. Therefore it basically rests on two pillars.
First you have to enter your username and password. You should know these by heart or keep them in a secure location. These credentials verify your identity.
Secondly, you’re asked for a unique code. This is a Time-based One-Time Password (TOTP) generated by a software on your phone or computer, a dedicated hardware device, or sent to you via SMS.
If you know your password, but are not able to generate an authentication code, you’ll never be able to login.Get your SafeKey Introduction to SafeKey
Weaknesses Of Regular Two-Factor Authentication.
While 2FA is very simple to use, some methods are inherently insecure and exposed to hacks. The most popular implementation, Time-based One-Time Password (TOTP), popularized by its use on Google Auth and crypto exchanges like Binance, transmits the shared secret (master key) over the internet during the setup process.
This weakness has been recognized by major players who created FIDO Alliance and defined new, more secure standards such as Universal 2nd Factor Authentication (U2F), which introduces the use of a hardware device for user authentication, such as the SafeKey.
Some other weaknesses of regular 2FA are:
- You have to manually input the code at logging in, adding another step to the process.
- Backup codes are sent online, which is often insecure.
- You and the provider share the same secret. If a hacker gets into a company and gains access to both the password and the secrets database, he will be able to access every account completely unnoticed.
- The secret is displayed in plaintext or QR code. It cannot be provided as a hash or with a cryptographic salt. This also means that the secret is most likely stored in plaintext form, on the servers of the provider.
- The secret can be exposed during the registration, as the provider has to give you a generated secret. By using TOTP, you have to trust the providers to be able to protect the secret.
Safer And Faster Two-Factor Authentication With Your SafeKey.
SafeKey gets you better two-factor authentication and goes one step further than traditional methods by using the Universal 2nd Factor standard (U2F).
What does that mean?
Well, not only do you need your regular login credentials such as your email address, username and password, it is also necessary to have a physical device as a means of authentication: your SafeKey.
Adding a hardware device to the authentication process gives your account a massive security boost and should easily keep hackers out of your way.
Because it is impossible that someone who happens to get your password can log in to your account, because logging in also requires your SafeKey.Get your SafeKey Introduction to SafeKey
How Does Two-Factor Authentication With Your SafeKey Work?
When logging into a website, the user generally authenticates himself by providing a username and a password. With SafeKey and U2F, the user will have to additionally confirm the login with a click on the connected SafeKey device.
Register your SafeKey
To use the SafeKey, go to the Security Settings of a supported service and select two-factor authentication to connect a security key.
Insert SafeKey & tap
On a computer, insert the SafeKey into a USB-port and touch the SafeKey to verify you are human and not a remote hacker.Get your SafeKey Introduction to SafeKey
Security And Usability In One Device.
Historically, there has been a tradeoff between great security and usability for user authentication processes.
The usable process with passwords is fundamentally broken. Regular two-factor authentication, like SMS and mobile apps, is increasingly vulnerable to hackers.
The more secure hardware technologies, such as traditional smart cards, are difficult to deploy and use at scale.
The SafeKey changes this.
- Eliminate the hassle of remembering passwords
- Make it easier to log in
- Provide additional privacy protection
Benefits Of Two-Factor Authentication With A SafeKey.
- Simplicity: no more reaching for your phone to open an app, or memorizing and typing in a code – simply touch the SafeKey to verify and you’re in.
- Usability: the effort of having to create and securely store a separate, long and complex password for each user account is eliminated.
- Privacy: no confidential information will ever be shared and no personal information is associated with the secret.
- Security: More secure than other two-factor authentication methods (e.g. SMS or TOTP).
- Anonymity: thanks to public key cryptography, no shared secret (private key) is sent over the internet at any time.
- Plug & play: Supporting all common web browsers, no additional client software or driver installation is required.
- Integrated phishing protection: high security against phishing attacks through integrated domain check.
Get Started With A SafeKey!
You should select your SafeKey based on the services (i.e. websites and apps) and devices you want to use the SafeKey with. Please see the resources below to help you decide on which SafeKey will be your best fit.