Doing Digital Security Daily

  • 30th Mar 2022
  •  • 
  • 3 min read

It’s always a dangerously fate-tempting endeavor to say “here’s where I store my passwords” or “here’s how I prove who I am” and that’s why most people shut up about it.

But that’s what I’m doing here in this post. Why? Because it’s frickin’ confusing out there, that’s why!

Keep in mind that this is accurate for the date that I’m posting it, but I reserve the right to make a change as circumstances change without updating this post first. In other words, this is the best thing that I know to do as of today, and the world changes fast.

I use YubiKey. That’s a physical hardware key.

If you’re worried about losing your key, hey get a couple of ‘em. I have one in a safe, one with my keys, and another one that I’m not going to tell anywhere it is. I spent about $100 in total to buy all three of these. That’s not free, and maybe that’s more than you want to spend, but for me, I’m just paranoid enough to think that’s totally worth it.

Here’s a great guide from Paul Stamatiou on security keys.

And if you’d like a more digestible and less detailed overview, watch this video from Naomi Brockwell.

With a hardware key, you thwart nearly all currently available ways that someone could impersonate you to get away with bad stuff in your name. You’re you, and you prove that with your little key that you physically touch. Not unlike a lock in a door, you could share the key if you want, but it’s only truly secure when you don’t do that.

I’d like to humbly suggest that whatever you feel comfortable doing with your house key or your car key can be the same as what you do with your hardware key. Keep it all physical, and it drastically reduces your threat window.

I use this key to log in to devices, access my password manager, and generally to authenticate myself. My main key is the USB-C YubiKey 5C NFC because it works with all the devices I currently have very well. I do keep an adapter to be able to use it with a standard USB-A port, but I don’t know that I’ve had to use it yet. There are a number of different models, look and see which one might work best for you.