Filtered Geek

What is a Yubikey?

What is the most important thing on the internet to you? Ok, what do you use to keep those important things safe from prying eyes... A password. Why do you hate passwords? Because they are hard to remember! And this is one of the main reasons why your digital life can be at risk, you hate having to remember all your passwords, and because of that, you make them all short and thus easy to break! Well the Yubikey addresses at least part of that problem, weak passwords.

The Yubikey (Avaliable at Yubico.com - $25+S/H) is a small USB device with no moving parts and 1 button. When inserted into the computer it is recognized as a keyboard (this makes it basicly universally accepted with no drivers to worry about). Now if you hit the button on the Yubikey you will see a long string of gibrish type on the screen, what good is this you ask? Well read on.

Yubikey - Better Stronger Faster

So, you have a big long string of text, neat. Well this long string is actually a strong and UNIQUE phrase, and by unique I mean one time, never again, erase and its gone forever unique. Thats right, every time you press that button, you get a long string of text, that you will never ever ever see again. Well what good is that? Well to avoid getting into a long drawn out explination of why (which is better explained by a pro like Steve Gibson (creator of SpinRite --- Basicly best disk recovery tool EVER) on his podcase Security Now with Leo Laporte [Episode 143], but avoid being long winded, the code is unique, but there is a part of the code that is an identifier of the Yubikey (A fingerprint if you will), and this fingerprint can be used to identify the Yubikey, and use it for authentiction using super strong encryption.

Ok So Now What?

So with this unique key you can't just go to your banking site and make your password a button press of the Yubikey (too bad too). Websites need to integrate this type of authentication into their sites. So only if you could use this to manage your passwords.... WAIT YOU CAN! 

There is one password site that the FilteredGeek uses for just this application - MashedLife

MashedLife is a online password repository, that stores passwords in a encrypted account. Simple idea, create an account, and enter login credentials for websites, once that is done you create a login bookmark. Now when you are on a site that you have a login stored, you simply use the bookmark, some javascript runs and viola your username and password are inserted into the login fields. This stops key sniffers and the like, because you don't type on the keyboard, and better yet, you can use really complex passwords because you don't have to type them in! I prefer to use passwords from Steve Gibson's page, Perfect Passwords, which is basically a 64 character long, totality 100% random password, that is uniquely yours!

Ok so the one issue I had with MashedLife was that why would you protect all your passwords behind one password... if someone got that password, they could login anywhere you can.... Bad. Well the Yubikey just so happens to be supported at MashedLife, so you can register the key at the site, and then you use the key instead of a user/password. On top of that, you provide a PIN that you enter after your yubikey is used, which provides multi-factor authentication (awesome).

Yubikey - Filtering The Filter

Yubikey is a great way to use complex safe passwords, coupled with a site like MashedLife you can not only have super safe passwords, but also have easy access to them all!

1. Go Grab a YubiKey - $25 from YubiCo.com
2. Sign up for a MashedLife.com account
3. Enter your passwords into MashedLife (Changing your weak passwords if needed)
4. Register your YubiKey with Mashedlife
5. Enjoy a one stop shop with super secure passwords!