Obsessed with Bitcoin/DNM security? Check out a Yubikey

I guess 'Obsessed' really isn't the term to use here. If you are Obsessed with security then it's a no brainier, but even those who aren't necessarily OCD about security measures really should consider giving the Yubikey a go. Insanely cheap to buy, very easy to use, and you get not only the security but the peace of mind of knowing that as long as the physical key is safe and secure, you can rest easy knowing your Bitcoins, Username's, Passwords, and PGP is secure. As well as even keeping track of specific order details/tracking numbers of packages your expecting. Information that normally you wouldn't want to write down loosely for fear of having the wrong eyes finding it.

I've had one for ages yet only recently started using it. The Yubikey is pretty damn cheap yet offers security and peace of mind when either storing your Bitcoin's securely or keeping track of your DNM passwords.

Obviously you should never dupe your user/pass across multiple DNM's if you want to stay protected from unauthorized logins. The Yubikey is good for keeping track of all those user/pass/url's for all the DNM sites, plus makes it much easier to use passwords that contain just 40 letter/number/character passwords that you normally wouldn't remember unless you wrote them down somewhere. This would also ensure your not using a false market url setup to steal your credentials.

On top of keeping track of your URL's, Usernames, and insanely long/random passwords. If that doesn't offer peace of mind alone, then the fact that even if somebody had these credentials, they still could not use them unless they physically obtained the Yubikey itself. The option that requires you to press the button on the side of the Yubikey when using these credentials makes it damn near impossible to access your DNM account or Bitcoin wallet.

It's very easy to use and very affordable. I currently use two of these myself, one for DNM purposes, and one for my everyday purposes (banking info, tax info, etc). Strongly recommend for anyone dealing in a large amount of Bitcoin's or just simply want that security to be sure you stay safe!

EDIT: How can I forget PGP! Anyone using PGP, especially vendors, should absolutely have one of these.

EDIT EDIT: Check out this video, which explains some of the uses of this device. (Thanks to billnyethethrowawayfor posting this!)


Comments


[5 Points] sapiophile:

Note that the U.S. government has a really long history of backdooring hardware crypto products. They are inherently a lot less trustworthy than signed open-source crypto software.

If you really want a hardware token, your best bet is probably to get one from some real effin' cypherpunks, like the g10 smartcard: http://g10code.com/p-card.html - but even that is definitely a very juicy target for NSA to compromise in the supply chain...


[2 Points] pinkpanther227:

This wreaks of shill.


[3 Points] iLoveDNM:

Cool item, though with a product like this you have to blindly trust that it is manufactured correctly (no back doors, bad crypto, NSA stuff ;-). I've been watching another product like it being developed and am really excited for it to come out, called the Mooltipass. Works similarly, but has a display so you know which password you are entering. The mooltipass is open-source, which is huge (to me) when it comes to security devices.


[1 Points] Theeconomist1:

This is pretty slick! I just kind of skimmed the site but this looks really cool. So maybe its from my lack of reading, but does this actually store your passwords and usernames, kind of like Keypass? And if so, is there any security so that someone who finds this can just use your credentials? It mentions its a one-time password generator, does that still mean it stores your credentials and isn't just a fancy Keepass password generator?


[1 Points] billnyethethrowaway:

Yes love the Yubikey. check this out for more info https://www.youtube.com/watch?v=6eqryolAPow


[1 Points] None:

Are you using it as a OpenPGP key? Because you cannot use it to sign on to hidden services. I have the NEO and it barely works with GPG4WIN. Only thing I use it for now is storing two factor auth tokens.