<div dir="ltr"><div><div><div><div>I've been using one with LastPass for a couple of years now. I use two-factor to activate LastPass on a system, then let lastpass manage all my passwords. <br><br></div>Simple and effective. <br>
<br></div>For your banks, etc.. The website would have to implement 2-factor and allow the ubikey as one of the factors. To the best of my knowledge, none of the US banks do this yet. The closes is Chase that requires a 4digit key that gets sent vial e-mail or SMS to an e-mail address or phone on my account when I log in from a computer for the first time. <br>
<br></div>E-trade has started doing that as well as asking me questions about things on my credit history to authenticate me. Guess that's multi-factor taken almost too far. User/pass + SMS code + 5 questions from credit report == 7 factor? <br>
<br></div>Scott<br><br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, Mar 4, 2013 at 9:29 PM, Mike Harrison <span dir="ltr"><<a href="mailto:cluon@geeklabs.com" target="_blank">cluon@geeklabs.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
http;//<a href="http://yubikey.com" target="_blank">yubikey.com</a><br>
</blockquote>
Steve Gibson talks about those quite a bit. Is there a way to use them for external things, like your bank?<br>
</blockquote>
<br></div>
If the bank supports them, yes.<br>
<br>
they don't store passwords, they create one time use incremental tokens...<br>
<br>
They aren't uber-high level freaky James Bond / Bruce Schnier secure..<br>
but they are an effective and very very well done level<br>
with a good price point for devices and reasonable implementation pain.<br>
<br>
That makes them desirable and useful as the 2nd factor.. (or third.. or.. )<br>
Useful and used makes them better than uber-quantum secure and hard to implement and therefor not used.<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
<br>
<br>
<br>
______________________________<u></u>_________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/<u></u>listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/<u></u>listinfo</a><br>
</div></div></blockquote></div><br></div>