YubiKeys by Yubico provide two-factor authentication by USB
Glenn Fleishman |
Dec. 1, 2014
I've written a few times about two-factor authentication (2FA), where a password (something you know) is paired with a second item, like a device-generated token or one-time code sent via SMS (something you have). A password can be stolen or sometimes extracted, so a second factor makes it substantially more difficult for someone who lacks physical access to you or your stuff to break into one of your accounts. This restricts attackers from accomplishing wholesale attacks across thousands or millions of accounts, unless 2FA is badly implemented or attackers find an exploit.
A few weeks later, a circuit court judge in America ruled that while one's own passwords were cannot be demanded during an investigation, as that is a form of self-incrimination and constitutionally protected, a fingerprint is not, even if it unlocks your data.
While that is one just one court, its decision is in line with more generally accepted notions that DNA, blood, and the like doesn't constitute self-incrimination.