Two-Factor Authentication (2FA)

An extra layer of security to your online authentication.

Eliminate Phishing Attacks And Account Takeovers With SafeKey's Powerful Two-Factor Authentication.

Two-factor authentication (2FA) is currently the most common way to secure your online accounts from unauthorized access. A well known example is that in addition to your username and password, you also have to generate a code (a Time-based One-Time Password, or TOTP) with an app on your phone or computer in order to login.

Most of the big websites and about half of all companies have integrated two-factor authentication into their authentication process.

But beware: numerous publicly known cases show that even these methods of two-factor authentication are hackable.

Thanks to strong cryptography, SafeKey supports a better and more secure method of two-factor authentication. It’s so secure that your online accounts remain protected even if your password gets stolen.

SafeKey operates as an extra, physical, security layer, which makes it impossible for hackers to get access to your data from a distance and over the internet.

What Is Two-Factor Authentication?

Two-Factor Authentication (2FA) aims to protect you against hackers and phishing attacks. Therefore it basically rests on two pillars.

First you have to enter your username and password. You should know these by heart or keep them in a secure location. These credentials verify your identity.

Secondly, you’re asked for a unique code. This is a Time-based One-Time Password (TOTP) generated by a software on your phone or computer, a dedicated hardware device, or sent to you via SMS.

If you know your password, but are not able to generate an authentication code, you’ll never be able to login.

Weaknesses Of Regular Two-Factor Authentication.

While 2FA is very simple to use,  some methods are inherently insecure and exposed to hacks. The most popular implementation, Time-based One-Time Password (TOTP), popularized by its use on Google Auth and crypto exchanges like Binance, transmits the shared secret (master key) over the internet during the setup process.

This weakness has been recognized by major players who created FIDO Alliance and defined new, more secure standards such as Universal 2nd Factor Authentication (U2F), which introduces the use of a hardware device for user authentication, such as the SafeKey.

Some other weaknesses of regular 2FA are:

  • You have to manually input the code at logging in, adding another step to the process.
  • Backup codes are sent online, which is often insecure.
  • You and the provider share the same secret. If a hacker gets into a company and gains access to both the password and the secrets database, he will be able to access every account completely unnoticed.
  • The secret is displayed in plaintext or QR code. It cannot be provided as a hash or with a cryptographic salt. This also means that the secret is most likely stored in plaintext form, on the servers of the provider.
  • The secret can be exposed during the registration, as the provider has to give you a generated secret. By using TOTP, you have to trust the providers to be able to protect the secret. 

Safer And Faster Two-Factor Authentication With Your SafeKey.

SafeKey gets you better two-factor authentication and goes one step further than traditional methods by using the Universal 2nd Factor standard (U2F).

What does that mean?

Well, not only do you need your regular login credentials such as your email address, username and password, it is also necessary to have a physical device as a means of authentication: your SafeKey.

Adding a hardware device to the authentication process gives your account a massive security boost and should easily keep hackers out of your way.

Why?

Because it is impossible that someone who happens to get your password can log in to your account, because logging in also requires your SafeKey.

How Does Two-Factor Authentication With Your SafeKey Work?

When logging into a website, the user generally authenticates himself by providing a username and a password. With SafeKey and U2F, the user will have to additionally confirm the login with a click on the connected SafeKey device.

Register your SafeKey

To use the SafeKey, go to the Security Settings of a supported service and select two-factor authentication to connect a security key.

Insert SafeKey & tap

On a computer, insert the SafeKey into a USB-port and touch the SafeKey to verify you are human and not a remote hacker.

Security And Usability In One Device.

Historically, there has been a tradeoff between great security and usability for user authentication processes.

The usable process with passwords is fundamentally broken. Regular two-factor authentication, like SMS and mobile apps, is increasingly vulnerable to hackers.

The more secure hardware technologies, such as traditional smart cards, are difficult to deploy and use at scale.

The SafeKey changes this.

  • Eliminate the hassle of remembering passwords
  • Make it easier to log in
  • Provide additional privacy protection

Benefits Of Two-Factor Authentication With A SafeKey.

  • Simplicity: no more reaching for your phone to open an app, or memorizing and typing in a code – simply touch the SafeKey to verify and you’re in.
  • Usability: the effort of having to create and securely store a separate, long and complex password for each user account is eliminated.
  • Privacy: no confidential information will ever be shared and no personal information is associated with the secret.
  • Security: More secure than other two-factor authentication methods (e.g. SMS or TOTP).
  • Anonymity: thanks to public key cryptography, no shared secret (private key) is sent over the internet at any time.
  • Plug & play: Supporting all common web browsers, no additional client software or driver installation is required.
  • Integrated phishing protection: high security against phishing attacks through integrated domain check.

Get Started With A SafeKey!

You should select your SafeKey based on the services (i.e. websites and apps) and devices you want to use the SafeKey with. Please see the resources below to help you decide on which SafeKey will be your best fit.

Start Using Your SafeKey

Get strong security in minutes with the SafeKey, a hardware security key that provides phishing-resistant two-factor authentication and encrypted data storage.

Start now
Get Protected Today

Browse our online store and buy the right SafeKey for your needs.

Visit shop
Why Use A SafeKey?

Discover why you should use a SafeKey and how it'll help you eliminate the security vulnerabilities you're facing today.

Learn more
SafeKey Documentation

Learn how SafeKey works and how it's used.

Go to docs

Other SafeKey Use Cases For Individuals

Two-factor authentication (2FA) is critical to secure your accounts and services online. Keep your accounts protected with SafeKey security keys—industry proven, phishing-resistant security for your most important accounts and services.

Learn more

Weak or stolen passwords as well as phishing are among the most common (+60%) gateways for successful hacker attacks. SafeKey makes you unhackable.

Learn more

Get online identity protection in minutes without downloading any additional software. You only have to configure your SafeKey once and future login confirmations are done by a simple push on a button.

Learn more

Social media account takeovers are massively rising. Large scale data breaches and phishing attacks put social media accounts at risk. Thanks to SafeKey, you don't have to worry anymore.

Learn more

Authentication that doesn’t require a password at login. Identify yourself by simply touching the button on your SafeKey device.

Learn more

Have you ever thought about what happens if you lose your data or someone intercepts one of your personal devices or backups and gets hold of the passwords for your online accounts?

Learn more

A digital inheritance plan manages the transfer of secret data like social media and email accounts from someone who passed away to his/her beneficiaries.

Learn more