Your hardware security key will randomly generate a public and private key pair. The private key never leaves your hardware security key. But the public key will be sent to a server. Your hardware security key will also send a random number (called nonce), which is used to generate your keys, as well as another number (called a checksum), which serves to identify your specific hardware security key. When you enter your login credentials into an online account, the server will send that nonce and checksum back to your hardware security key along with a different number. The hardware physical key will use the nonce and checksum to regenerate its private key, and then it’ll sign the number that was sent to it by the server, which ultimately verifies and unlocks your online account with your public key.
Log into your Facebook account. Click on the drop-down menu icon in the corner and select Settings. Now you’re at General Account Settings. Select the “Security and Login” link from the left sidebar. Scroll down until you see the section called Two-Factor Authentication. Click Edit on the Use two-factor authentication option. Click on Get Started to set up a text message or an authentication app. Go back to Two-Factor Authentication and scroll down to Add a Backup. Select Setup for the Security Key option. Enter your Facebook password and click Submit. Connect your security key (usually by inserting it in the USB port). Tap the key’s button. You should get a confirmation pop-up.
