I’ve been a fan and user of Yubico’s YubiKey for about half a decade. I use it specifically to provide a second factor of authentication in my personal networked life. We’ve seen significant issues with our human ability to remember passwords, make them with enough entropy yet still remember them, and not reuse them for every website we use throughout our life. There is an interesting ecosystem growing with password creation from the use of word combinations (xkcd’s example), image selection, and the traditional rule based password requirements. This ecosystem continues to develop and at sometime in the future I suspect we’ll see a standard progression away from the traditional and very vulnerable traditional password.
This is where Yubico steps in to answer the call. Having just announced the YubiKey NEO this has the ability to make it into the mainstream. The NEO is enabled with Near Field Communication (NFC). You might be more familiar with NFC for its swipe and pay feature that it makes possible which has been added to several smart phones. The NEO could be a key used to unlock this swipe and pay feature seamlessly. Keep the NEO on your person and swipe the phone past it. At this point the phone unlocks and enables you to swipe and pay for your purchase. This helps prevent significant loss when a phone is lost or stolen. It also makes it more difficult for an attacker to understand what you are using because you can leave the NEO in your pocket or bag and not expose your specific authentication process. This capability enabled with NFC only adds to the specific key capabilities of all YubiKeys unique token feature.
I see the requirement for two factor authentication (and shortly three factor) in everyone’s private life now; not just something you do at work or when forced with a Common Access Card (CAC). I see this requirement become vastly more important with a persons importance risk profile. Our military and government leadership will only continue to become specific targets as organizations become more difficult to confront directly in a Cyber conflict.
[Available Feb 27, 2012 via Yubico]
Incoming search terms:yubikey neo review, koop yubikey neo
Follow A Cyber Fellow on Twitter!
"Yesterday Apple Fixed A Bug In iOS 7. It’s A Doozy" http://t.co/3lZ2UVsEKW
"ICYMI: Rackspace president on why cloud is important but it’s not everything" http://t.co/SDcbGLsrtk
"Ustream launches nonprofit program to support citizen journalism in Ukraine and beyond" http://t.co/YzEqnXnq1y