January 13, 2021

Yubikey vs Google Authenticator

Why exactly are hardware keys considered more secure compared to Authenticator apps?

Assuming a hacker has my username and password for an account, it seems like an Authenticator app holds one extra layer of security over the Yubikey.

If someone finds my yubikey, they’ve got it. But if someone finds my phone, they’d still need to break through my phone’s password/Face ID to utilize the Authenticator app.

What am I missing? Can a 2FA Authenticator app be spoofed or something? Thanks.



Your phone (with the authenticator) could be compromised, so too your 2FA via the authenticator. Presumably your hardware key is still in your pocket and not always exposed to the internet. Someone who finds your hardware key AND also has your username and password is very dedicated.


I prefer hardware over software. But Google Authenticator is still a good option. 2fa is important, either one adds a layer of security.

I have a hardware encrypted USB that requires a pin. I just prefer hardware honestly.

I use it to log in to my OS as well, something google Authenticator can’t do.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.