Cool, and simple. The Yubikey is a one-time password generator in a USB key. Plug in in and it emulates a USB keyboard. Touch the button on it and it will type out a one-time use password. Basically the same system as "rolling code" garage door openers.
The hardware should be pretty cheap having no battery like the RSA SecurID tokens, just a microcontroller. It claims to be somewhat resistant to phishing, though I cannot see how that works.
The hardware should be pretty cheap having no battery like the RSA SecurID tokens, just a microcontroller. It claims to be somewhat resistant to phishing, though I cannot see how that works.
The YubiKey
It works seamlessly with any hardware and operating system combination supporting USB keyboards such as Windows, MacOS, Linux and others. The Key generates and sends unique time-variant authentication codes by emulating keystrokes through the standard keyboard interface. The computer to which the Key is attached receives this authentication code character by character just as if it were being typed in from the keyboard - yet it's all performed automatically. This process allows the Key to be used with any application or Web-based service without any need for special client computer interaction or drivers.Link
The YubiKey differs from traditional authentication tokens based on time-variant codes in that it needs no battery and therefore does not rely on an absolute time generated by an accurate time source. No battery means unlimited shelf life, no synchronization and customer support issues, and enables significant cost reduction.
Leave a comment