February 2017 Ian Chiu
Two-factor authentication has always been at our disposal, but most of us don’t really bother unless we are forced to comply with online banking requirements. There has been a solution called YubiKey; it works with U2F, an emerging open authentication standard hosted by FIDO Alliance whose goal is to add an extra layer of security for browsers and mainstream web services, such as Gmail, FaceBook and DropBox.
The YubiKey neither requires drivers nor client software. Since it is recognized as a USB HID device, the platform-independent token works seamlessly with Windows, Mac and Linux. The keys themselves are manufactured in Sweden and USA in ways that reportedly make them tamper-proof. The fourth-generation of YubiKey now offers even faster and stronger crypto. Out of the three models, one ($50) supports the new USB-C connector while a nano version with regular USB-A plug allows you to flush mount it on your PC.
Windows Hello is Redmond’s own eco-system for biometric security. There’s certainly an appeal for end users to log into their PC instantly just by staring at the webcam. However, one can only do this with depth-sensing cameras, which rely on infrared lights to recognize faces past makeup and facial hairstyles under diverse lighting conditions. But unless you have a modern top-of-the-line PC, you will need something like the Logitech 4k Pro Webcam.
Under the hood, there’s a lot going on there there: 4k streaming, USB 3.0 (USB-C), HDR and the aforementioned depth camera. It is immediately clear 4k is the spotlight but the reality is that not everyone is quite ready for this – especially the amount of bandwidth it requires for livestreaming as well as the computing horsepower it takes for post editing. Another look into the specs reveals something else equally useful. The webcam is also capable to delivering 1080p60 as well as 720p90. These high framerate modes are key to making more fluid video for Skype calls and YouTube alike.
The HDR is also present to allow the Logitech webcam to adapt to different challenging light conditions while maintaining video quality. This is particularly useful if you move out of your perfect studio environment to a dimly lit hotel room. Last but not least is the selectable field of view that you can choose between 90, 65 and 78 degrees. If you want to unlock the potential of Windows Hello, this webcam gives you everything you need and more.
Fingerprint authenication is also an integrated part of Windows Hello that replaces passwords with biometric recongition. Though, generations of older PCs wouldn’t have the hardware sensors required by Windows’s new bio-security system. If you have a spare USB port, then the unobstructive PQI dongle might be what you are looking for.
The PQI’s My LocKey fingerprint reader is powered by Synaptics-powered Natural ID fingerprint sensor that works with Hello. The engine is reportedly fast enough to finish authentication with 0.15 second. Everything is housed inside a USB dongle whose size is comparable to that of a mini flash drive so the PQI can stay connected to your laptop at all times. Getting this ready only requires that you follow several steps of simple registration procedures before you can start logging in Windows with a single touch of a finger.
EyeLock Myris is probably as sophisticated as it gets when it comes to biometric security. In a nutshell, the Myris uses video of your irises as your password. Simply plug the unit into a free USB port, run the included software, add what applications you want to use your irises as your password for, and then look directly into the integrated scanner.
Unlike competitors that simply use a simple snapshot of your iris, the Myris uses real-time video to record images both of your iris and combines both to build a unique ID based on over 480 points. This dual iris approach makes it much hard to spoof and reduces false matches from the typical 1 in 1.5 million to well over one in two trillion.
Best of all, this virtually unbreakable password is easy to use as looking into a mirror and impossible for you to ‘forget’. Of course it won’t help you if the NSA comes knocking, but for most common criminals, this level of security is over-kill but still very reassuring.
Encryption is a necessity these days if you often carry data on USB drive from place to place. But it’s chore entering password every time you need access to the drive. This is where the Buffalo MiniStation Extreme NFC comes in. The portable drive comes equipped with near field communication reader (NFC) so that you can conveniently unlock the content with tapping with a smart card. It’s ideal for absent minded users who keep forgetting their password – especially a strong, secure one.
Although there’s still password protection, Buffalo doesn’t offer two-factor authentication. Your password is simply a fallback option in case you lose the smart card. In addition to 256-bit AES full disk encryption, the MiniStation is for both water and dust resistant. There are also internal bumpers inside the drive to absorb force from a drop of up to 1.2m. Least but not least is the integrated cable that wraps around the chassis.
Flash drive with a keypad isn’t new, but Lok-it is serious about getting this right. The FIPS 140-2 Level 3-certified drive facilitates authentications on battery power so correct key sequence has to be entered before the drive will even show up as active hardware. The self-contained security essentially prevents any communication from the host computer to the drive until the PIN is physically entered.
As a result, this removes the easy options for snoops. There’s no password to be sniffed via keyloggers and conventional means of brute force attacks on the drive won’t help. 10 incorrect attempts will wipe the cipher and the data is effectively lost. This deters any means of computer enhanced attacks that leverage the PC’s power. Cracking this 256-bit AES full-disk encryption drive hence will require much more work which is the best that any security system can really hope for.
These are 6 up-to-date USB security solutions we’ve found so far. We hope you find them useful. If you are using some other products that aren’t lised here, let us know if the comments below.
Help spread the word. You're awesome for doing it!