Physically Protect Your Titan Security Key ⚡️ Yubikey
Why keeping your MFA key FOB on a plain key-chain is not a good idea.
Keep your digital keys safe and out-of-sight
Privacy is important, and it seems that everyone now recognizes this. Recently Google launched its Advanced Protection Program to help people protect their accounts with multi-factor authentication, specifically with the Titan Security Key. Yubikey has been around for a bit longer and is growing in popularity. The underlying premise is that a physical key can protect you and your co-workers from spear phishing / spyware attacks. I think that most would agree that it's a practical solution.
However, there are risks. This is a physical fix for a digital problem. That means physical risks, such as lost, stolen or damaged keys. Not a deal breaker, but you should be aware of what you are risking.
Google's Titan Security Key is a redundant solution. You have two keys, one to carry with you and the other for safe storage. How you do this determines how much risk you are accepting. For example, if you put one of the keys on your key-chain for convenience, you run an elevated risk of losing it or dropping it (the keys can be fragile). Additionally, your key-chain is visible, making it a knowable target. Keep in mind that if you have a spear phishing problem then you are already considered a valued target.
If you lose or damage both of your Titan Keys and you catch it in time, you can turn off the Advanced Protection Program and change your password. But if you happen to be signed out when this happens, you've lost access to your email and cloud documents. It's gone. Depending on who you are, this could be catastrophic.
I suggest carrying one key inside a portable, waterproof capsule attached to the inside of your backpack. This particular crush-proof capsule can be securely attached to your backpack with a mountain climbing carabiner. Keep your Titan / Yubikey safe and out-of-sight until you need it.
Keypad Encrypted USB Best Practices and Safety
Enter the PIN before inserting the USB into its slot. Do not enter the PIN while the Keypad Encrypted USB is connected.
Close all applications before hibernating, suspending, logging off or ejecting the USB device. This is an important step especially if you are using a software cryptocurrency wallet, KeePass or Key Quest Vault.
Put the USB Device back in its capsule when not in use. You should remember to seal the Capsule and store it in a safe place.
Make sure you are not being watched or recorded by a surveillance camera. Be aware of your surroundings and look behind you.
Do not plug the USB into a suspicious computer. Avoid using a computer that may be infected with Spyware. If you must use an unknown computer, boot from a Trusted Operating System, and use the Virtual Keyboard to enter passwords.
Do not use a found USB device. If a USB drive magically appears, do not plug it into any computer. Curiosity killed that particular cat. Be cautious if your USB drive was out of your possession for any period of time.