Hardware security key options?

I’ve been thinking about getting a hardware security key and have heard of yubikey before; but I want to see what my options are and if they are worth it in your opinion.
My current setup is a local KeePassXC database (that I sync between my PC and phone and also acts as TOTP authenticator app), I know that KeePass supports hardware keys for unlocking the database.

I am personally still of the belief that passwords are the safest when done right; but 2FA/MFA can greatly increase security on top of that (again, if done right).
The key work work together with already existing passwords, not replace them.

As I use linux as my primary OS I do expect it to support it and anything that doesn’t I will have to pass on.

PS: what are the things I need to know about these hardware keys that’s not being talked about too much, I am very much delving into new territory and want to make sure I’m properly educated before I delve in.

@linux @technology@lemmy.ml @technology@lemmy.world @privacy #2FA #MFA #yubikey #InfoSec #CyberSecurity

    • 𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍
      link
      fedilink
      arrow-up
      12
      ·
      11 months ago

      As to why thisisawayoflife recommends these products (over OP’s consideration of Yubico), probably because Solo and Nitro keys are open source hardware and firmware.

      Nitro is a German company. Yubico is a Swedish company. I can’t find where SoloKeys is located. However, the OS nature of Solo and Nitro should make that a little less important.

    • nikoof@feddit.ro
      link
      fedilink
      arrow-up
      3
      ·
      11 months ago

      I also recommend Nitrokey. I have a Nitrokey Pro 2 and a Nitrokey 3 NFC and they both work well. Linux support is very good, and they also have good documentation on how to do most stuff you might want to do. +1 for being open-source as well.

      • magikmw@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        Well I might be ignorant of first principles, but I couldn’t get a nitrokey I got for testing to work with anything.

        Not that yubikey is easy.

      • LemmyHead@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        Nitrokey isn’t fully open source though. The secure element is proprietary. But that’s not their fault, OSS secure elements aren’t a thing yet unfortunately, but some companies wanna bring a change in that