YubiKey – a Pass Drive

1K Blog Marathon: Day 66

In our online world, almost everything is interconnected – from computers to mobile phones, to televisions and even microwave oven! And since technology is everywhere, we are using it every time.  We use technology from a simple social media to banking and shopping online. What represents our online existence is our accounts. Be it an email account, website account, and even bank account. With these confidential informations that we share online, are we really sure that these accounts are secure enough, or are there any possible ways to make it more secure for our use?

The increasing demand for online transactions, increase in the internet speed, and increase in users were like a fishing pond for hackers. By means of different attacks, spams and hacks like phishing and pharming, our personal accounts are just waiting to be hacked, literally. Thanks to the improved securities given by internet companies and anti-virus applications.

But aside from vulnerabilities online, did we take proper measures in securing our accounts offline? Did you save your passwords in a password app or you just write it on a sticky note? What if I tell you that you can protect you accounts with the use of a USB Flash Drive?

Insert YubiKey

YubiKey is a USB – like hardware used for 2-Factor Authentication. 2-Factor Authentication is a way to authenticate a user aside from providing password. It’s like a duplicate key when you lost your primary key to open a padlock.

It is manufactured by Yubico in 2007 that offers a Pilot Box for developers.

Technology behind

Yubikey supports one-time passwords, public-key cryptography and authentication, and the Universal 2nd Factor (U2F) and FIDO2 protocols. When a website asks for a 2 factor authentication using a YubiKey, what it does is it provides a one-time password or generates a public/private key pair.

How to use YubiKey?

When logging-in, for example in your Gmail Account, you can set a 2-Factor Authentication. 2 Factor Authentication is the way to log-in to your account even if it has been compromised by a hacker. Instead of providing your password (that may be changed by the hacker already), you can either do any of the following:

  1. Answer different security questions;
  2. Enter a security code sent to your phone via SMS;
  3. Enter a security code sent to a different email address connected to your account;
  4. Enter a security key.

When using the 4th way to authenticate, we are:

  1. inserting the YubiKey to the USB slot of our PC or Laptop when prompted;
  2. press the button part of the YubiKey;
  3. then Gmail will automatically recognize the YubiKey and logs you in.

This is a great explanation from Infinite Loop’s YouTube Video:

Source: https://www.youtube.com/watch?v=i9-viVcIkKQ

Security of our accounts is really a bid deal. We should not compromise our accounts but instead empower it more using different technologies that we can get – it’s worth it.

“And that’s one blog, stay hungry!”

“Passwords are like underwear: don’t let people see it, change it very often, and you shouldn’t share it with strangers.”

Chris Pirillo  

Published by Christian Foster

Code-blooded, coffee-lover, tall, dark and chubby. I love to draw, has motion-sickness and a sleepy-head. BTW, graduate of BS Computer Science, Associate in Computer Science and certified UiPath RPA Developer. Loyal to my partner and a father of a cute bouncing baby daughter!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create your website at WordPress.com
Get started
%d bloggers like this: