Yubico Yubikey - increasing your authentication for services

Handruin

Administrator
Joined
Jan 13, 2002
Messages
12,786
Location
USA
#1
Anyone else here use or consider using a 2FA key like Yubico's YubiKey 5 NFC? If you're not familiar with these, they are a physical token that is used to provide strong authentication for many different services/devices. They have a quiz if you are curious what version of their device to consider if you're interested.

I just bought two keys right from their site and they have a 20% off code (YK18EG) that can be used on the YubiKey 5 NFC for up to three keys. The typical recommendation is to buy two keys and keep one in a safe spot in case you lose the primary one. I won't have mine for a few days to give any feedback but was curious what others think about using physical keys to help improve their authentication and security.
 

LunarMist

I can't believe I'm a
Joined
Feb 1, 2003
Messages
14,697
Location
USA
#2
Anyone else here use or consider using a 2FA key like Yubico's YubiKey 5 NFC? If you're not familiar with these, they are a physical token that is used to provide strong authentication for many different services/devices. They have a quiz if you are curious what version of their device to consider if you're interested.

I just bought two keys right from their site and they have a 20% off code (YK18EG) that can be used on the YubiKey 5 NFC for up to three keys. The typical recommendation is to buy two keys and keep one in a safe spot in case you lose the primary one. I won't have mine for a few days to give any feedback but was curious what others think about using physical keys to help improve their authentication and security.
I don't quite understand the need. Would this device automatically log into SF for example when it is plugged into any computer?
 
Joined
Feb 4, 2002
Messages
19,277
Location
Monterey, CA
#3
I have one in a drawer. The only place I deployed it properly was when I was very active in the bitcoin stuff. Google Authenticator is just so much easier for most things, and adds at least 50% of the security?

@LunarMist: It doesn't make logging into stuff easier, instead it makes your accounts more secure. In addition to using a password, you also have to use the thing to authenticate. This makes password compromises much less effective.
 

LunarMist

I can't believe I'm a
Joined
Feb 1, 2003
Messages
14,697
Location
USA
#5

Handruin

Administrator
Joined
Jan 13, 2002
Messages
12,786
Location
USA
#6
Something must be broken with your web browser if it's not loading. The page loaded the list in less than 3 seconds for me. Yes this YubiKey (and other versions) work with Microsoft accounts. Check out the video in the link.

This YubiKey should be better than those old RSA key generators. The YubiKeys are rugged and should have more than enough session counters to last you 7+ years or longer. They also support the RSA SecurID via FIDO U2F so you can use it in lieu of the RSA key fob.
 

LunarMist

I can't believe I'm a
Joined
Feb 1, 2003
Messages
14,697
Location
USA
#7
Yeah, it is Windows 7. Of course if Yubiclo is a good idea and works well I'm 100% sure we won't implement it. :(
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
12,786
Location
USA
#8
Our upper exec's (ceo/cofounder/etc) at work are required to use these keys for their accounts.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
12,786
Location
USA
#10
I got my YubiKeys in the mail and I spent some time going through accounts to enabled them. They seemed to work seamlessly so far. Even when logging in on my phone I can scan the key via NFC very easily. Now I have reduced some potential security threats when it comes to authentication via mobile SMS. I've disabled SMS authentication making it more challenging if I ever become a target/victim of sim swapping. Obviously nothing is full-proof or 100% certain but this cuts down on some potential factors.
 

Clocker

Storage? I am Storage!
Joined
Jan 14, 2002
Messages
3,535
Location
USA
#11
I was thinking about getting one to use with LastPass as a 2nd way to have 2FA. I use the authentication app right now but the YubiKey seems like a good backup if I don't have access to the app.
 
Top