- This topic is empty.
-
Posts
-
-
I recently started securing my accounts with 2FA and used authenticator apps for a while. But now I’m considering switching to a physical token because I’m worried about phone theft or malware. My question is: how do I assess which hardware token offers the right balance of security, compatibility, and usability? Are there mistakes beginners always make that a good guide would warn against?
-
I ran into the same concern, and a guide I found helped a lot. The article “How to Choose the Best Hardware 2FA Tokens” on About InfoSec does exactly that — it goes through trade-offs like whether the token allows reprogramming, how it handles time drift, and how strong its internal cryptographic algorithm is. It also compares prebuilt vs programmable tokens and shows which features are optional vs essential. You can read it here hardware tokens . It helped me avoid some budget options that looked cheap but lacked important protections.
-
I like that approach. One thing I always tell people is: don’t just pick the cheapest token — the “weak link” often isn’t the encryption itself but convenience or a feature gap (like no firmware updates or broken compatibility). It’s better to invest a bit more in a token that’s well supported and has features you actually need rather than buy something cheap that becomes obsolete.
-
