Setting up Yubikey

Adding Two-Factor Authentication With Yubikey

Recently I've been looking at "beefing" up the security on some of the web apps that I use on a regular basis. The first "app" that I looked at locking down was Dropbox. I'm quite a heavy user of Dropbox and it's used for sharing and receiving files from clients as well as storing all of the files for projects that I'm currently working on. Adding two-factor authentication is easy with Dropbox and the ability to do this is free and included in the settings section of the Dropbox website, and works by sending a text message with a single use code to your mobile phone when you log on from a computer you've not used before. I then started looking at the other systems I use and remembered a device I'd heard of a while ago, the YubiKey. The standard YubiKey is a small USB device, about the size of a small USB storage device, but is recognised as a keyboard by Mac's and PC's. Setup in a range of services is quick and easy, and once activated you simply press the gold disc to generate a one time password. I also like being able to use one device with all of these services, meaning I don't need to carry a bag of OTP devices with me! I opted for the YubiKey Standard, but there are other models available including one equipped with NFC (near field communication) for use with mobile devices. It works with my billing system and password manager, and can be used with WordPress and whole host of other apps, is setup in a minute or two. But what if I loose my YubiKey? Well, so far all of the services I've set my YubiKey up on also generate a backup code that I've got written down and stored in an offsite location that will get me back into these systems. Whether or not it does make my data more secure remains to be seen, but adding two-factor authentication to my most critical systems has given me some added peace of mind. Setting up Yubikey