Passwords are bad. People reuse passwords even though they know they shouldn’t. You need multi-factor authentication.
But just getting a text for that authentication is also insecure. Phone apps are better, but then you’re also relying on your own ability to keep your phone on you and charged.
Reader, that ain’t my forte.
So what’s the solution? Security tokens! There are an overwhelming number of kinds. A great heuristic for this kind of situation is
- Figure out who would be able to know the answer
- Figure out who would be motivated to get the answer right
- Do what they do
And so if you look at what is done by tech companies, who would know, who have tons of valuable secrets to protect, so they would care….
I’ve always felt that tech has underdelivered where enchanted objects are concerned, so a Yubikey is an interesting real life McGuffin–the videogame key you need to unlock the box to continue your quest. When the security of real keys is undermined by the fact that seeing them is enough to copy them, we have reached a world where the essence of a key is purer in this thing that is not-a-key.
Anyway, having a Yubikey isn’t enough, since its real utility comes from having it with you. So like the fantasy novel par excellence where the amulet must be worn to enter the temple… it is necessary to make this into jewelry.
I used to have the 5c nano in a coffin shaped locket I’d sanded to fit it, but now they make one with USB-C and NFC, and the challenge was increased by its larger size.
This is not quite my first attempt, but this is my favorite, so for your benefit…
That’s shrink plastic decorated with acrylic paint, with UV resin over the top. I have a better one that I haven’t applied resin to yet, so this is the one I’m using for now.
- An even bigger locket?
- A polymer clay pendant that has an impression on the back to allow the Yubikey to lie within it flatly
Comment with a webmention, or with commentpara.de