Brandon Dees (@brandondees) and I are both really big security geeks when it comes to technology. We are both really into bringing multi-factor authentication as standard equipment to the applications that we build. With something you have, and something you know, instances like the Buffer app breach can be mitigated in many circumstances.
That is why we are embarking on a project to standardize the inclusion of physical security devices into standard Rails application design.
To that end, we are now experimenting with YubiKey security tokens. Each one is a really small, battery-less authentication device. The user plugs it into his or her computer just like a USB memory stick and, with the press of a button, it enters a crazy long password into the website or application!
The Neo even supports OpenPGP keys, as explained in this 2012 blog post by the Yubico Team.
Brandon (in Nashville) received his by mail yesterday. He said that he is already making use of the standard one for his personal security and will be using the Neo for our experiments.
I suspect that mine will arrive sometime today. The postal carrier arrived a few hours after this post with my new YubiKey Neo! The mail just made it to Nashville a day sooner than it did to Atlanta this time around.
I also have OpenPGP chip+pin smart cards on order. They will be the topic of a future post.