What is a USB token and how to use it

The concept of a USB token


Since protecting accounts with a login and password has long been outdated, back in the early 2000s, many manufacturers began to offer USB tokens as an alternative solution. These are hardware keys for secure authorization and secure storage of personal data. Outwardly, they resemble USB drives (flash drives), but have significant differences.

Initially, USB tokens in Ukraine were used to store EDS (electronic digital signature). After a law was adopted in Ukraine in 2003 preparing the introduction of an EDS, itbecame necessary for entrepreneurs to submit reports electronically. In 2008, the submission of electronic reports to the Pension Fund was fixed by law, and the number of those wishing to send reports by mail increased from 40% to 70%. At the same time, according to the law, the signature must be stored on secure media and not transferred to third parties. Perfect for this purpose tokens with EDS.

However, USB tokens can store not only digital signatures, but also passwords, seals, digital certificates, electronic keys, biometric data, etc. Therefore, tokens are great for protecting digital information and secure authorization on devices or services, including for two-step, two-factor or multifactor authentication.

Но, конечно, многое зависит от типов устройств — производители предлагают разные варианты, подходящие для самых различных целей: какие-то токены предназначены только для хранения ЭЦП, какие-то подойдут только для входа, например, в ОС Windows, а какие-то можно пронумеровать и выдать сотрудникам для авторизации в корпоративных аккаунтах.

What is the difference between a USB token and a flash drive


  • Tokens, unlike a flash drive, secure devices. Therefore, we immediately make a reservation: it will not work to make a USB token from a USB flash drive.
  • File data on a flash drive can be added or changed, but not on a token.
  • The key located on the token never leaves the device, and data from a flash drive can be easily transferred to another medium.
  • The information on the flash drive can be read by almost anyone, but not on the token. It is encrypted.
  • The resource of a USB drive is usually limited. Whereas USB tokens from trusted manufacturers are designed for more secure and long-term storage of credentials.

It is very important to choose a good quality token – this way you reduce the risks of unauthorized use of your data or signature.

How to choose a quality hardware key – security token


In order to select good quality devices, we recommend that you adhere to the following criteria:

  • International certification. You can, of course, try to use budget options from little-known manufacturers for home purposes. But in this case, there is no guarantee that vulnerabilities and malware were not embedded in the devices during production.
  • Support for common security protocols. This is important for the easy integration of the device into the services you choose.
  • No moving parts, impact resistant housing. Such devices will last for many years, and you can not worry about their frequent replacement.

Today, Yubikey USB tokens meet all the above requirements.

There is also a wide selection of these products:

  • Among USB tokens, you can choose both budget options for home use, and hardware tokens with enhanced protection for employees of government agencies, banking institutions, IT corporations, etc.;
  • The list of devices includes series that support one-time OTP passwords or protocols for 2FA, there are tokens specifically designed to work with popular services from Microsoft, Google, Facebook, Twitter, etc.
  • The manufacturer was concerned about the possibility of using keys on any device, so he offered various form factors: there are keys with USB-A connectors for PCs, there are USB-C for mobile devices, and there are also Lightning tokens for iPhone.
  • There are also nano-keys that fit into the USB connector and slightly protrude from the device body. This is very convenient, as they remain invisible and do not interfere with moving along with a laptop (if you like to travel, for example).

In addition, all Yubikey keys not only have a reliable impact-resistant housing made of composite material reinforced with fiberglass, but also enhanced protection against dust and moisture – IP68. If you suddenly drop the device into the pool or accidentally forget the USB token in your pocket while sending your clothes to the laundry, nothing will happen to it.

And given that Yubikey has become the choice of such major IT corporations as Google, Facebook and Binance, there is no doubt about the reliability and quality of products.

When choosing keys, be guided primarily by the purposes for which you want to use them. To make your task easier, we, as the official distributor of products in Ukraine, we can provide, upon your request, information with a list of services that support certain series of devices. Contact us!

New challenges and threats of modern cyberspace in the era of ChatGPT: how is the criminal’s portrait changing?

OpenAI introduced GPT chat version 3 in late 2022, based on large language models. He knew how to hold a conversation like a real person, communicate in many languages, pass exams, write software code and even blog. Already after 2 months, the number of his supporters...

Cybersecurity outsourcing – is it really dangerous and expensive?

Cybersecurity is a constant race against the clock: hackers find vulnerable chains and try to gain access to confidential information, while security experts build security systems that attackers try to break into after a while. And this happens all the time....

What businesses need to know about information security – an overview of technical tools

Unauthorised access to personal information, financial accounts or trade secrets can cause a lot of damage. This can lead to large losses due to the loss of reputation and financial assets, violation of user privacy, etc. Therefore, every person, organisation, business or financial institution must take care of data protection.

How the YubiKey protects against brute-force attacks: technicalities of attacks and key encryption

How the YubiKey protects against brute-force attacks: technicalities of attacks and key encryptionBrute force attacks are one of the most common hacking methods. It is considered one of the simplest, because in fact, in order to start an attack, an attacker only needs...

How to choose a quality USB token or security key

What is a USB token and how to use itThe concept of a USB token Since protecting accounts with a login and password has long been outdated, back in the early 2000s, many manufacturers began to offer USB tokens as an alternative solution. These are hardware keys for...

Two-factor authentication

Two-factor authentication Two-factor authentication In the modern world of computer tech, when it comes to information and personal data protection the use of passwords only is no longer reliable. It’s no secret, that even complex combinations of words, digits and...

Yubikey smart card mode without additional equipment

The idea of the first smart card was patented by the French inventor Roland Moreno back in 1974. Today, we already use this technology every day and cannot imagine how we can do without it: SIM cards, electronic travel tickets and passports, keys to hotel rooms, employee passes of closed enterprises, and bank payment cards work in smart card mode.

As a security key Yubikey protects against phishing attacks

As a security key Yubikey protects against phishing attacksPhishing (from the word “fishing”) or a phishing attack is one of the most dangerous and at the same time common social engineering methods used by cybercriminals. It is based on mass mailings of e-mails and...

How to protect your password from theft

The password is the first degree or first factor of protection against account hacking. It's very important to take care of its security, because if hackers steal your password, your personal data, documents, important correspondence and much more will be at risk. In...

What is multifactor authentication?

What is multifactor authentication? What is multifactor authentication and when is it appropriate to use it Account protection with the help of one factor – a complex password – ceased to be reliable about two decades ago. Therefore, network users are recommended to...