How do I use a physical security key to protect my account?

Published on Jan 10, 2025Updated on Apr 29, 20253 min read2,296

What is physical security key?

A physical security key is a type of hardware-based authentication used to verify account access and transactions. Unlike software-based options, physical security keys work offline and are not reliant on cloud services, minimizing risks like account takeovers or unauthorized access.

Why choose physical security key?

A physical security key provides an additional layer of protection, especially against potential vulnerabilities in software-based options like authenticator apps and passkeys. While software-based options offer convenience, they also come with potential risks:

  • Authenticator apps: if synced with cloud accounts (e.g., Google or Microsoft), losing access to the account could expose the authenticator. Device theft also poses a threat if lock-screen security is compromised

  • Passkeys: while more secure than passwords, they rely on third-party account synchronization and can be accessed if the linked device is stolen and unlocked

If you are new to this technology and considering using physical security keys, here are some advantages and limitations to keep in mind:

Advantages

Limitations

Operates offline, eliminating risks from cloud synchronization or third-party account breaches

You may need time to understand how to use the hardware

Operates offline, eliminating risks from cloud synchronization or third-party account breaches

The device must be carried for use

Cost-effective compared to setting up a dedicated device for authenticator apps

Loss of the device or PIN could still pose challenges

How do I use the hardware security key?

We support advanced authentication methods, including hardware security keys, to help protect your account. You can use a hardware security key in two main ways:

1. Passkey Based Authentication

Use your hardware security key to verify your identity during logins and key actions—such as withdrawals—offering an extra layer of security against unauthorized access. Here's how to set it up:

  1. Go to okx.com, open the menu, and select Profile & Settings

  2. Navigate to Security Center > Passkey > Add Passkey > Use other equipment or external key

  3. Follow the prompts to confirm your PIN and complete the binding process


Once set up, your hardware key can be used for secure logins, withdrawals, and other sensitive operations.

2. One-time CAPTCHA-based authentication

Similar to other traditional authenticators (for example, Google Authenticator or Microsoft Authenticator), which generates time-based one-time passwords (TOTP). To set it up:

  1. Go to Profile & Settings on okx.com

  2. Navigate to the Authenticator App binding page and copy the key provided

  3. Use your hardware device to store the key and generate verification codes


This method provides enhanced security for actions that require one-time password input.

Where can I use the physical security key?

At OKX, physical security keys can be used in two primary scenarios:

  • For Passkey-based authentication

  • To generate one-time passwords (OTPs) for enhanced security, similar to using a regular authenticator app like Google Authenticator or Microsoft Authenticator

How to purchase a trusted physical security key?

When purchasing a physical security key, ensure you choose reputable brands like YubiKey or Ledger from trusted retailers. These devices are designed to offer high security without relying on cloud synchronization and are compatible with OKX's authentication systems.

If you'd like to learn how to set up and use your physical security key after purchase, please refer to the official website of the retailer or manufacturer for detailed instructions.