Yubikey

From

Jump to: navigation, search

Who is thinking he is save....

OneDutchBrother

Specs

Currently using a White (They come in White or Black) YubiKey with the default YubiKey One-Time Password (OTP) function (Yubico Cloud). It's 128 bit AES, read more on [1] If you don't trust someone, butt you trust the Yubikey itself, you are able to use the Yubikey without this cloud. You can even use both, it has 2 slots, slot 1 is programmed to use the cloud. Slot 2 contains nothing by default.[2]

Parts we need

A Yubikey, I ordered several additional Yubikey's in a package. If you want one, or two ( I'm using 2, if I loose 1 I can revoke the lost Yubikey with the other one) you can contact me. They are 15 Euro ($25 @ Yubico) wo shipment.

Questions

  • 1. Why ? Answer, Retrace..
  • 2. Nice ? Unsure, Security allway's add more dicipline/work.
  • 3. What do you do with it?
    • Using it for a terminal server logon.
    • Using it for LastPass authentication. Lastpass manages all other website logons, this is a weak central point.
    • Could be used with Yubikey Cloud WebSite API's for your own access control[3]
    • Start unlock your truecrypt drive with YubiKey

More Info

Information Website [4] Check 1 of your X mandatory passwords on [5]

Like Most

Allmost every O.S. accepts and USB Keyboard (HID Class) without Root/Admin rights. So be able to use YubiKey for a second-tier authentication on untrusted workstations is no problem.

YubiKey.JPG