|Yubikey - My Start - I decided to venture into YubiKey Two Factor Authentication (2FA) to provide extra protection on some of my account logins.
YubiKey Neo USB-A with NFC
YubiKey 4 USB-A
YubiKey 4 Nano USB-A
1. I help out fixing other people's computers and sometimes log into my accounts for testing purposes.
2. Learning about 2FA.
3. Choosing YubiKeys as a good fast 2FA process. (rather than phone SMS 2FA, etc)
4. Use 2 or more YubiKeys for backup in case one gets misplaced, lost or stolen.
5. Maybe the Keys will provide extra protection against nasty attacks from the web.
6. YubiKeys are reported as rugged and reliable.
25 January 2018
I installed Google Authenticator on my phone.
This apparently generates OATH (One-time Authentication) codes for use with Yubikey Neo.
So now I can log into Facebook using my Yubikey Neo for 2FA.
18 January 2018
I logged into my Gmail accounts, enabled 2FA logon and setup all my keys as recommended in case one goes missing.
Also logged into my Facebook account, enabled 2FA and setup my keys. Also disable my phone so that SMS 2FA was disabled.
I didn't do any fancy configuration of the keys. Just used them as received.
My biggest discovery of the day was that Facebook and Youtube must be accessed via the Chrome browser for the Yubikey 2FA authentication to work.
Using the Youtube and Facebook apps do not allow the keys to work.
So my big questions are what happens when the apps are used?
Does login revert to single factor login?
Can someone log into my apps with my single factor credentials?
Facebook app login says that an SMS has been sent, even though phone is disabled... Not received, not surprising!
Phone Facebook via Chrome only works with a Bluetooth or USB key.... No Yubikey Neo... What a PITA...
13 January 2018
Made a YubiKey USB-A protector using some heat shrink tubing.
The YubiKey is supposed to be rugged enough to avoid damage from keys on a key ring.
However, I decided to provide extra protection for my KubiKey.
11 January 2018
My prime areas of 2FA protection will be:
Google for mail and web sites.
Some 'Maybe' 2FA protection:
Android login on my phone.
Windows login although I already have 3 levels on my desktop computer: Bios, Bitlocker and Windows PW. Enough!!
Bank #1 (already have a numerical array card issued by the bank for 2FA)
Bank #2 (have a 2FA key issued by the bank)
Investment accounts - not sure how to use 2FA here. However they are fairly locked down and with some internal numerical keys.
My Domain Registrar.
27 December 2017
I ordered my YubiKeys from Amazon during the Christmas - New Year week, 2017/2018, along with some other stuff, so I am not expecting to receive the Keys until 22 January 2018.
YubiKey Neo (US$50. USB and has NFC (Near Field Communication) for mobile phone use without the need to plug in the key)
YubiKey 4 (USB for my desktop computer. US$40)
YubiKey 4 Nano (USB small physical size for my laptop.US$50)