| No Comments | No TrackBacks
Russell recently blogged about the yubikey from Yubico. It's a security token device, so you use it to authenticate against things. Security token devices are better than passwords because the password that is used keeps changing, so it's harder for an attacker to exploit.

Other tokens, such as the RSA tokens require batteries, and the user to type in the code displayed on the token. They need batteries. Yubikey is interesting because it doesn't need batteries, you plug it into the USB port on your computer. It also acts as a keyboard. So instead of you reading a code from the token, it types the password for you. As it's a time varying token the password is different each time you go to use it.

What this means is that you can use any computer without worrying that the computer has been compromised and could steal your password. It means you don't have to remember your password.

And all the code to support the token at the server end is open source. I'm thinking of getting a couple, and seeing if I can get them to work with all my cromp.id.au authentications.

No TrackBacks

TrackBack URL: http://geoff-blog.cromp.id.au/cgi-bin/movabletype/mt-tb.cgi/55

Leave a comment

About this Entry

This page contains a single entry by Geoff Crompton published on March 27, 2010 6:58 AM.

cannonball was the previous entry in this blog.

maybe easy conversion from python modules to deb packages is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.



Powered by Movable Type 4.23-en