Make Your Password Manager Even More Secure With A Yubikey

Make Your Password Manager Even More Secure With A Yubikey

Password managers like KeePass, LastPass and 1Password are essential tools for storing the gazillion unique and long passwords we have to generate for each site. With only one master password standing between your database and a hacker, however, if you really want to secure your logins, a second layer of authentication will help. The Yubikey is an affordable and easy-to-use option.

You plug the USB device into your computer. When you touch the button, it can either generate a unique, one-time password or enter a static password you store on the second slot. You can authenticate the YubiKey with password managers KeePass and, as we noted before, LastPass, as well as a few others.

Colby Aley came up with a clever solution using 1Password and a Yubikey — so he doesn’t even know the extremely long master password for 1Password, but even if the Yubikey and his computer are stolen, a thief couldn’t get into the database:

I generated a fairly complex static password and programmed that to the second slot on my Yubikey.

Next, I set my 1Password master to a combination of two passwords. The first part is a moderately simple password that I can remember. The second part is the static password programmed into my Yubikey, which I couldn’t remember if I tried.

With this setup, I don’t technically know any of my passwords. I know part of my 1Password master, but not enough to authenticate without the Yubikey. On the other hand, if someone were to steal my Yubikey, they would also need my memorized portion to gain access.

In case the Yubikey gets stolen or lost, Colby has a printout of the password, stored in a secure location.

It’s an easy way to further lock down your passwords without too much hassle, and something you can replicate for your password manager of choice.

I know none of my passwords [Colby Aley]


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments


3 responses to “Make Your Password Manager Even More Secure With A Yubikey”