this post was submitted on 20 Jul 2023
14 points (100.0% liked)

Privacy Guides

16270 readers
4 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 2 years ago
MODERATORS
 

I am im the market for a hardware key for MFA. I want to put it on my keyring and put it in my pocket so I always have it with me. I guess it should be quite sturdy for that (no easily broken off connectors, ...) I mainly want to use it as additional factor for my Bitwarden vault. Do you have any recommendations, experiences, stories? Yubikey seems to be by far the brand most recommended. Solo is nice bc open source hard/firmware, but I care more about reliability and usability than openness I think.

Thank you for your insights!

top 19 comments
sorted by: hot top controversial new old
[–] [email protected] 8 points 1 year ago (2 children)

I would place my trust on the good "not-so-old" Yubikey. I have been using their keys since early 2010s. I have used NEO, 4, and 5 NFC and all of them have been rock solid.

[–] packetloss 6 points 1 year ago

Yup, Yubikey is the way to go. Rock solid hardware, and lots of support.

[–] binom 1 points 1 year ago

Thank you for the explanation. I wanted to not just buy the most popular thing from the near monopoly brand, but I really only read good things about the yubikey 5 series. At the moment I think I am veering towards buying that.

[–] [email protected] 6 points 1 year ago

I have a yubikey on my keychain for a few years now, no problems so far.

Btw, I would recommend to get at least 2, one you use and one as a backup.

[–] [email protected] 3 points 1 year ago (1 children)

Always remember that biometrics can be compelled by the court in the US, but a password cannot.

[–] binom 1 points 1 year ago

So I guess a password for the law, and a hardware key for the lawless haha.

[–] [email protected] 3 points 1 year ago

I havent used it, but solokey is built on open hardware and FOSS if i remember correct

[–] [email protected] 3 points 1 year ago (1 children)

Apex Flex if you want to go a bit more off the beaten path. I love mine both for OTP and FIDO2.

[–] binom 1 points 1 year ago (1 children)

hahaha that's crazy. A bit further than I am willing to go right now. Where do you have yours if you don't mind me asking?

[–] [email protected] 3 points 1 year ago (1 children)

Right forearm! It also works some places in the hand, but the forearm is the best location for that chip I believe.

[–] binom 1 points 1 year ago (1 children)

that is really cool! i have so many questions! is it visible from the outside? can you still have an mri scan? does the metal detector at airports detect it? can you feel it under your skin?

[–] [email protected] 2 points 1 year ago (1 children)

It's only visible if you manipulate it with the other hand, otherwise it's flat enough to be completely in invisible. MRI is fine! The technicians are often somewhat worried but usually accept it just fine if you refer to online documentation. The chip is unaffected. It's too small to be detected by any metal detectors, so no issues at the airport. You can't feel it outside of touching it with the other hand. There is a pinching feeling a few weeks after install though but it disappears completely.

I have four; one small glass capsule type in each hand and two flex type in the forearm.

[–] binom 1 points 1 year ago

awesome. thank you so much for taking the time to respond!

[–] [email protected] 2 points 1 year ago (1 children)

Nitrokey or OnlyKey is you want FOSS are good options.

[–] binom 1 points 1 year ago (1 children)

Thank you for the recommendations. Any first hand experience with these brands? I am looking mainly for reliability and durability. Otherwise they look quite good, maybe even a bit overkill for me with all the extra features.

[–] [email protected] 2 points 1 year ago

No, but Nitrokey is well known and time tested at this point. And they have different models, so I'm sure you can find something that works for you.

[–] [email protected] 2 points 1 year ago

Canokey, there are two way:

  1. You can buy one Canokey Pigeon, which is close source, but with protection of security chip.
  2. You can make one Canokey STM32/NRF52, which is opensource, but no security chip protection, so if someone got your key, she can extract the key from it.

https://github.com/canokeys

[–] [email protected] 1 points 1 year ago

Apex Flex if you want to go a bit more off the beaten path. I love mine both for OTP and FIDO2.

[–] [email protected] 1 points 1 year ago

Apex Flex if you want to go a bit more off the beaten path. I love mine both for OTP and FIDO2.