I bought my second Yubikey as a backup. It came in the mail yesterday. I wanted to start securing my data and every reference document for Yubikey advised getting a backup key to use incase you lost the first one. I lose a lot of stuff so I decided to follow this sound advice and I got another one. now I am ready to dive in.
I am going down the rabbit hole of making sure all of my passwords to the hundreds of websites and computers that I access have unique and strong passwords. I am using LastPass to help me manage my passwords and I am using several multi-factor methods to access the resources online and in my office and home to perform computer related tasks.
It has taken me a long time and a lot of research to get to this point of actually committing to a method in the madness of managing passwords. I have also been using full disk encryption on a few of my laptops and computers and I will use this Yubikey to authenticate access to the data at boot time.
This is the first of several Blog postings that I will write as I document my path into this new world of hardened security. Now that I have a smart phone that is not owned by my employer, I can take advantage of the Near Field Communication (NFC) in Yubikey as well. I have been avoiding engaging with learning and figuring all of this stuff out in the past because, well “it is just too complicated”. I know that going forward more companies are going to move in this direction and individual users of the Internet will also need to set up the environment to secure their authentication to resources that then need to gain access. I guess I am going to learn this so that I can help my friends who want to dive in and harden their data just like me.