2-factor authentication (2FA) is an authentication process that is comprised of two elements. The first is something you know, such as a password. The second is something you have, usually a security token or a smart card. 2FA increases your security because if a hacker manages to steal one factor—like your password—they won't be able to gain access without the second factor.

2-factor authentication (2FA) greatly increases your identification and access security by adding a second "factor" to the authentication process. 2FA helps protect crucial data and information, such as bank accounts and confidential records, without the need to manage multiple complex passwords.

Advancements in technology mean hackers have many easy ways to steal static passwords. Common attacks include malware, phishing, Man-In-the-Middle (MITM) attacks, and much more. If the password you use is static, it never changes, which makes it possible for hackers to steal it and use it to access your internal networks. This is why using a second factor to secure your account access keeps you much safer.

U2F, or Universal Second Factor, is an open authentication standard created by the FIDO Alliance designed to let you securely sign in to a number of web-based services. It's effective at combating real-time attacks such as Man-in-the-Middle (MITM).

Your online purchasing experience and security are our top priority. We use industry-leading e-commerce service providers such as Amazon.

We ship globally using Canada Post, UPS, or FedEx. All destinations are subject to the availability of these carriers, as well as exporting regulations where applicable.

Yes, fulfillment services, such as drop shipping to your clients' locations, are available. Please contact us to learn more. We are more than happy to discuss with you how we can help meet your individual requirements.

Yes, we offer corporate discounts and special prices for large orders. Please contact us for details.

Yes, customization services, such as branding, special packaging, and software customization and development, are available on most Hypersecu products. Please contact us for details.

We can provide products and solutions tailored to your needs. Please contact us for details.

The FIDO Alliance is a non-profit organization dedicated to reducing reliance on passwords and usernames for authentication. Their goal is to develop an open set of standards that can be widely adopted in order to change the nature of secure authentication. Our HyperFIDO products are developed using the FIDO Alliance's standards and protocols.

The HyperFIDO Security Key is a 2-factor authentication device that adds a strong second factor when signing in to online services. Registering and using HyperFIDO requires just a press of a button. It works with all online services that support the FIDO protocol, including Gmail and Dropbox. Learn more about HyperFIDO.

To use your HyperFIDO Security Key, register the key with the account you want to secure, then activate the device by pressing the button during the registration process. The next time you sign in, simply insert the security key into a USB port when prompted and press the button. Learn more.

The HyperFIDO security key prevents phishing and can also combat real-time attacks that can breach accounts by secretly intercepting communication between a user and the authentication server. It helps reduce reliance on passwords while increasing security. FIDO protocols are widely adopted by many online services, making it a versatile solution.

Standard HyperFIDO keys support only FIDO U2F protocols while the HyperFIDO Pro supports FIDO U2F, FIDO2, and HOTP (event-based one-time password). Be sure to check you have the Pro version if you want to use either the FIDO2 or HOTP features.

Register your HyperFIDO security key with the account you want to secure, then activate the device by pressing the button during the registration process. When you sign in later, simply insert the security key into a USB port when prompted and press the button. Each web service you register your security key with has their own process for registering a key and signing in. Please refer to the guides provided by the particular web service or online platform you're using for more information.

You can use HyperFIDO with any online service that supports FIDO protocols when accessing these services through a web browser that supports FIDO, such as Google Chrome. Popular services include Facebook, Gmail, Twitter, and many others. Learn more.

There is no limitation to the number of accounts with our new generation HyperFIDO security keys. (Previous versions of the HyperFIDO K5, delivered prior to 2017, supports up to 64 individual accounts.)

Google Chrome ver. 38 or higher and Microsoft Edge support FIDO protocols and compatible applications and services. Mozilla Firefox Quantum (60.0 or higher) will support U2F if security.webauth.u2f is toggled to true in about:config. However, support for all U2F-compatible applications and services is not guaranteed. Make sure you are familiar with modifying Firefox's configuration before doing so. We recommend Google Chrome when using FIDO U2F, and that you update your browser version regularly.

You’ll need to add a rules file to your Linux system. To do so, follow the procedure described in Setting Up HyperFIDO with Linux in our Guides.

Many services allow you to register multiple security keys under a single account. If more than one person is using the same account, you can each register and use your own HyperFIDO Security Key independently.

For FIDO-related functions (FIDO U2F and FIDO2): Duplicating a key is not possible. To make spare devices, simply register multiple HyperFIDO keys to your account and keep the spares in storage. Most web applications such as Gmail will let you register more than one security key to use as backup. For HOTP-related features (HyperFIDO Pro only): You can program different HyperFIDO Pro security keys using the same HOTP seed (secret key). To do so, use the HyperFIDO Pro HOTP Programmer tool.

Most web applications will require you to register at least a backup method of authentication, such as a code sent to your phone via text. You can select this backup method to authenticate and access your account. From there, you’ll be able to remove the security key from your account, then register a new one. If you’re still having trouble accessing your account, please contact the web application’s support team for further assistance, as each service has their own account recovery process.

While our HyperFIDO Pro Security Keys are water resistant, due to the USB contact it should not be considered waterproof. We recommend storing the device in a cool, dry environment and to avoid getting it wet if possible. If it has come into contact with water or another liquid, remove the device if it’s inserted into your computer and dry it off immediately and thoroughly before reinserting it. This will help prevent damage to both the key and your computer.

For Windows 10: Refer to instructions forresetting your PIN in Managing HyperFIDO Pro on Windows. For macOS and Linux: Refer to instructions for resetting your PIN in Managing HyperFIDO Pro with Chrome Browser.

While you can use the FIDO U2F and HOTP features of the HyperFIDO Pro without a PIN, using its FIDO2 features will require a PIN. The PIN is a part of the FIDO2 protocol when registering and signing in. It cannot be turned off or removed.

The HyperFIDO Security Key does not store any user data on the device, and it will not be affected by any computer virus.

To connect with a mobile device, you can use a USB-A to lightning adapter for iOS or a USB-A to USB-C adapter for Android.

FIDO2 features related to its usage for Windows PC and other Microsoft products are determined by Microsoft. Currently, the HyperFIDO Pro can only be used to log in to a Windows PC joined to Microsoft Azure AD or other service compatible with FIDO2. For more information, visit Microsoft Support.

The standard HyperFIDO Security Key is only compatible with FIDO U2F protocols. Only the HyperFIDO Pro Security Key has FIDO2 features, which is different from FIDO U2F. Standard HyperFIDO U2F security keys will not be compatible with services using FIDO2. Please purchase a HyperFIDO Pro to use FIDO2 features. If you find your FIDO U2F key is not working, please also double check if the service you’re using is compatible with FIDO U2F or if it’s FIDO2 only.

The HyperFIDO and HyperFID Pro do not require regular upgrades currently to function. We recommend making sure your web browser is kept up to date.

The FIDO2 and FIDO U2F features for the HyperFIDO Security Key do not require any third-party drivers or software to use. However, to program the HyperFIDO Pro’s HOTP features, you will need to download our HyperFIDO Pro HOTP Seed Generator and HyperFIDO Pro HOTP Programmer under Downloads.

While the HyperFIDO Pro’s HOTP event-based one-time password feature is part of the device, it is unrelated to FIDO protocols and can be used like any other dynamic one-time password device. To program the HyperFIDO Pro’s HOTP features, you can download our HyperFIDO Pro HOTP Programmer. Once the key has been set up and registered with an account, you can enter the OTP code into the OTP field for your account when signing in by pressing the button on the security key. Pressing the button will fill the text field with the OTP code automatically so that there’s no need to type it.

In addition to FIDO U2F and FIDO2 features, the HyperFIDO Pro also supports HOTP (HMAC event-based one-time password). If you are using any application which allows you to add a HOTP authentication device, you may program the keys using our programming tools, which can be downloaded here [/downloads]. Initially, if you press the key and receive the "888888" entry, that means this HOTP feature of the key has not been programmed yet. If you only want to use the U2F and FIDO2 features, there’s no need to program the HOTP function. The default 888888 produced by the HOTP feature will not interfere when using your security key with FIDO U2F and FIDO2.

A one-time password (OTP) is a unique, dynamic password that changes based on either an event (like a button press) or a time value (from the clock on device or server). It's valid for only one login session, which effectively prevents password theft.

OTP tokens provide a unique dynamic password each time you sign in, which significantly decreases the risk of password theft. It also prevents the need to change your password frequently or to maintain long and complex passwords.

Simply press the button on the token to display your one-time password value, then enter the value to sign in to your OTP-enabled network services. Check with your service provider to see if your account has been linked with an OTP token.

Yes, our mobile OTP for iOS is available from iOS App Store, please go to your Apple App Store and search HSAuthenticator to download.

A time drift is when the internal clock inside a time-based OTP token becomes out of sync with the server’s time window. When this happens, the codes generated by the token will no longer match what the server recognizes and authentication will fail. Many authentication servers will provide a feature to re-sync the OTP token so that there’s no need to replace it.

If you need to re-sync an OTP token, many OTP authentication servers will allow you to do so. A common method is to have the user enter two OTP codes in sequence. The server will then verify the token’s ownership, determine the time offset on the token, and store this information in order to calculate future passcodes. However, all authentication servers are different. Please contact your authentication server provider if you are not certain how to re-sync your OTP token.

A seed, secret key, or seed value is a unique symmetric key associated with each OTP token and the server account linked with this token. This is a core element for all types of OTP tokens. For services similar to Google Authenticator, your seed value or "key code" will be generated and given to you by your online service provider.

A public key infrastructure (PKI) is digital certificate-based security solution that provides online security for identification and authentication, as well as safe and secure digital transaction using digital signing and encryption/decryption. Each unique certificate generates a key pair containing a public key and a private key. Your public key can be used to verify a digital signature or shared to encrypt information, while a private key is used for decryption and digital signing. With our HyperPKI tokens, all operations are performed on board within a secure and closed environment to prevent data theft and malicious attacks. Learn more about HyperPKI.

Our HyperPKI USB token does not require any additional plugins or drivers to use. Each HyperPKI token includes the PKCS#11 middleware, allowing the token to function with any PKCS#11 PKI-enabled application like Microsoft Outlook, Windows Smartcard Logon, Adobe digital signatures software, Firefox, and more. PKCS#11 offers a user-friendly interface to manage certificates and log on to remote systems. You can also use our HyperPKI HYP2003 middleware to manage your HyperPKI token. Download the latest version here.