You are reading a single comment by @Velocio and its replies.
Click here to read the full conversation.
London Fixed Gear and Single-Speed is a community of predominantly fixed gear and single-speed cyclists in and around London, UK.
This site is supported almost exclusively by donations. Please consider donating a small amount regularly.
@Velocio
On Authy and Yubikey...
Authy = Google Authenticator replacement, but it can be backed up and transferred across devices. Once you have more than a few providers (I have 20) the thought of losing your phone is really scary... Authy removes that fear.
Yubikey is in addition to the Authenticator codes, it is a very long one-time password that only lasts a few seconds and re-generates. It requires carrying a key to set up new devices, but you can largely leave the key somewhere safe once your devices are registered.
Yubikey ensures that even if someone: 1) Knew your master Gmail password, 2) Figured out the Authenticator hash and could generate a code (or stole your phone)... that they still couldn't set up a new device as they wouldn't have the key.
Basically... Yubikey takes "pretty damn secure" and makes it "pretty insanely secure".