contador javascript Saltar al contenido
Contact :

Protecting digital identity through hardware: my experience

hardware protection yubikey youbikey 5ci iphone 610x610

We have already been bored to warnings but the human being persists in his stubbornness: Internet is not a safe place and still, as of today, we continue to see how passwords 12345 or password are still among the most used according to studies carried out by signatures of security. Unconsciousness or convenience? Possibly much of the first and some of the second: nobody likes to complicate life with strange passwords that include symbols and characters, or waste time on the service access screen by entering the sequence of characters. On the other hand, it is necessary, in case this is not enough, to add an additional layer of security by verifying in two steps, that is, receiving a token or temporary password in a second device to verify that it is we who access.

This is a nuisance that also does not guarantee security when this shipment arrives via SMS since hackers can also request a duplicate of the SIM and steal our identity. Is there any perfect solution? The truth is that there is no insurmountable, but there is one that, today, it seems: protection by hardware. I mean adding a physical device to this unlocking sequence without which our account cannot be accessed: I have spent a whole month shielding a good part of my accounts on the network and this is my experience.

Why hardware is the (almost) definitive solution

Is our network account secure? The first thing to do without wasting time, is to activate the verification in two steps (2FA) in all those services that support it; At present, almost all mass-use products (Facebook, Dropbox, 1Password, etc.) support this basic layer of security. However, we must not relax with the activated 2FA since if this is based on the sending of a message to the phone, it is vulnerable since the attackers can take a duplicate of the SIM and receive the precious token. This is more complicated, but not impossible, if the 2FA is based on an app, but there is always the possibility of someone stealing our phone and accessing this app if it does not have biometric protection.

In this sense, the almost definitive layer of protection is hardware: it is a pendrive device, which we connect to the computer and thanks to its digital sensor, we identify biometrically as the genuine owners of the account. This formula seems impassable for two reasons: it requires the presence of a physical device and, in addition, the biometric element; They will have to steal the pendrive and quote us the finger to access our accounts. A combination of possibilities that seems as remote as impossible, and the best thing is that it is not too expensive either.

Pros and cons of hardware protection

Having consistently read the advice of the bulk of security experts, who advocate protection by hardware as the only really reliable layer, I decided to try Yubikey, the reference device. This pendrive, manufactured by the Swedish firm Yubico, arrives in different types of connectors to adapt to the different devices you may have; In my case, I opted for the Yubikey with USB-C connector, for the MacBook Pro and another with Lightning port for the iPhone.

The configuration turned out to be very simple and it is enough to follow the instructions of each service that supports the protection with a key; Perhaps the greatest difficulty here lies in the fact that each service scales the protection by hardware in different measures. Thus, it can be established that the key is required in the first access to 1Password that is made from an unauthorized device, while in the case of Twitter or Google, the key will only be requested when it is necessary to reset the password and as a final layer of protection.

In this sense, its great convenience of use – just enter the key and touch the finger with the finger – it is reduced because the user does not really have control over how to configure the protection, and this is a shame. Why? If it is left to the user to establish in which cases the use of the pendrive is required and in which the 2FA app will be sufficient, security can be increased to maximum extremes, such as always asking for the key in all access to apps type 1Password.

Why you should get an already

My balance after several weeks of use shielding all my accounts can not be more positive and for a reason that, frankly, I did not expect: you gain in peace of mind. Having seen bleeding cases of identity theft, any protection that can be added is little and know that no one, except you, can access an account because you need this physical element, it really has no price.

And now that we talk about price, this tranquility is not very expensive if we consider the dislikes that can save us: for about 50 euros you can have a Yubikey and the shielding of the accounts is done only once; It is like armoring your home knowing that they access it is practically impossible.

The views expressed here belong to the author and do not reflect the beliefs of Digital Trends.

Editor Recommendations