I have a YubiKey that I use for work, and I love using it. But I won't get one for my personal life.

I've been thinking about this for some time now, but I ultimately don't think the benefits outweigh the hassle of always carrying around another device that I risk losing or breaking.

A Yubikey provides a very good second factor, but so does my phone. My phone, just like a Yubikey, is locked behind a third factor (a pin or biometric sensor), so my phone essentially is a Yubikey. You can argue that the authenticator app on my phone (bitwarden) can be hacked, but I'm willing to take that risk if it means I have to reset all security measures on all accounts if I lose the key.

So, I'm not getting a Yubikey.

Replies & Mentions

This is post 058 of #100DaysToOffload.

Continue Reading