Anyone tried these? May be overkill and creates additional risk of device breakage.
I use a variant of this called the yubikey which is the same thing except not google labeled. I would recommend using this with a password manager like bitwarden but that is optional. I have talked about this previously in another post, but generally recommend either yubikey or nitrokey. https://www.nthcircle.com/forum/misc-tech/3221-somebody-big-has-been-hacked?start=0#45746
If you want to know what services support the physical keys, you can go here: https://www.dongleauth.info/
Edit: Also fun fact, google use to use yubikey and were so impressed by them they made their own variant which is now the titan key. So while the titan is cheaper, yubikey has been in the game longer.
Bought some when they were practically giving them away.
Ended up never using them and selling them. Too much hassle.
@PEW, It is not necessary to buy 2 proactively. As long as you keep the codes that were used to create the first key, you can reprogram a second key later.
Also if anyone plans to do this, please please please have this be the only form of recovery/verification option. For example don't have this key and a phone number as a recovery option, it defeats the purpose of the key.
So Google Chrome can store your passwords just as LastPass. If we use the keys for secure account access, any benefit to LastPass? Both do suggest strong passwords. Guessing both store your password in encrypted status also.
I use Guest Mode on my Chromebook to access bank sites and enabled 2FA, thinking this should safeguard against key loggers and a decent level of protection.
Of course, another way is to have minimal money accessible online and hide gold bars in your basement for store of money.
You woudnt want your passwords centralized on a browser for easy access. Like you use for banking storing your passwords offsite and always logging in via incognito or guest is the best practice.
Would this be a decent counter to Man-In-The-Middle Attacks to SMS 2FA?
Still, this would not protect you if your phone is compromised.