How to Make Your Own Two-Factor Authentication Key

[Paul Wagenseil]

It's not hard to cheaply make your own two-factor authentication USB key, a researcher showed at the ShmooCon hacker conference.

How to Make Your Own Two-Factor Authentication Key : Read more

 

[Bill S0]

If security is what someone is really concerned about, is buying a gadget filled with binary by someone at a hacker conference with a chip made in China and there is no way in the world that anyone can really really know exactly what a USB device actually does in the moment it is plugged in... giving us that warm feeling of confidence in security? Is even buying "direct from Yubico" and assuming your package didn't get switched with another one during transit by some contractor riding in a big brown truck working for a three letter agency or the local authorities or the equivalent of some GeekSquad employee who gets paid $500 every time he substitutes a "special" key... giving us that warm feeling of confidence in security? Please correct me if I am wrong, but I believe the last couple of times I've pressed for an answer that I have been told there is actually no way for a user to really be able to certify the security of the key that they are holding in their hand.