Yubico USB Key Provides Extra Login Protection

Yubikey is a hardware device that you plug in to the USB port of a computer to improve the security of authentication processes.
Password theft is a common problem on the Internet in these days. Attackers use numerous ways to steal login credentials from users: this includes phishing attacks via email, brute force attacks that try to guess the password, trojans and computer viruses, or keyloggers that record every keystroke of the user.
The best forms of protection against those kinds of attacks are the use of strong passwords, an up to date computer system with security software installed, and an open educated mind that uses caution and common sense whenever passwords or other personal information is entered on the Internet.
Some security software programs can aid the user in protecting the data. Software programs like Last Pass or KeePass, password managers that can generate secure passwords and remember them for the user, are examples of this.
But those applications do not change the system itself. All that is needed to log into a service are the username and password of a user. Yubico changes this.
Yubico
Yubikey is offered as a USB compatible device that offers strong authentication by adding an extra layer of authentication to the login process of several popular applications and Internet services.
Supported are among others password managers like Last Pass or KeePass, content management systems like WordPress or Drupal, the popular encryption software True Crypt and other services like Google Apps or OpenID.
Features:
- Requires no driver or software installation
- Compatible with Windows, Linux, Mac OSX and Solaris
- Robust, waterproof, crush-safe, no batteries required.
- Open-source client-side SDK available.
- Yubico offers a free validation service, or you can run it on your own server.
- Customization options like labeling the keys
- RFID and OATH Yubikeys available as well
How does it work?
Yubico, basically, adds another layer of security to the login process in most cases. A login to the Last Pass master server for instance requires the user's Last Pass email address and password just like before but a second step is added to the process by Yubico. You need to enter the Yubikey into an USB port of the device to complete the authentication process and sign in to the account.
The Yubikey comes with a button on the device that will authorize the request on the screen whenever it is pressed. This is used in the authorization process. In other words; no sign in to the service without access to the Yubikey. An attacker who manages to steal a user's username and password can't use the information to sign in to the account.
The Yubikey password consists of a static and dynamic part which makes this solution excellent for battling keyloggers and other eavesdropping techniques as the password is only valid for one time and void afterwards. This password can be changed to a very long static password for offline usage (for example required to make it work with True Crypt during system boot).
This means that an attacker would need access to the user's email address and password but also access to the Yubikey device to gain access to the service similar to how other two-factor authentication systems work.
Take a look at this video for additional details
Yubikey adds another security layer to the authentication process. It is Open Source, does not require installation, is compatible will most popular operating systems, works with lots of popular services and can be easily carried around in a wallet or on a key chain.
This is the perfect device for web users who work with WordPress, Google Apps, Dropbox, GitHub, password managers, OpenID or other services and applications listed on the Yubikey Wiki website. Interesting enough, Yubikeys work also as a second layer for logging in to Windows, Linux or Mac OS X devices.
Update: Yubico, the company behind the Yubikey devices released new versions of the Yubikey since our first review. The following devices are available:
- Yubikey 4 and Yubikey 4 Nano -- USB-A connection
- Yubijey 4C and Yubikey 4C Nanon -- USB-C connection
The two device families support the same set of features, and the only difference between them is that one connects to a USB-A port and the other to a USB-C port.
- Yubikey NEO -- USB-A connection and NFC support. Supports fewer cryptographic features (no RSA 4096 or ECC p384) which means that you may not use it for some services.
- FIDO U2F SECURITY KEY -- works specifically with services that use FIDO U2F.
If you want the broadest range of support, select a Yubikey 4 or 4c device. Nano versions are smaller in size and ideal for traveling or keeping in the device at all times.


Thanks for the info Martin, I have been wondering too.
Second to last paragraph, “There do not…”, is not grammaticality correct.
You mean grammatically incorrect.
lol
A thing designed to confuse the user for sure.
Why they simply don’t merge with the normal download omg?
The core problem with the addition is the lack of information on AMD’s part.
Is “Catalyst the user panel”, the device drivers, or the combination?
I have a Celeron motherboard with twin Radeon 9250’s on board, and it’s fine for nearly everything, but has terrible difficulty playing videos, even from the hard drive. I installed the latest “Catalyst” (10-10_xp32_dd_ccc_enu.exe) and the device drivers still say they are from 2006. This may be the best there is for this board, but it’s sure hard to tell.
Freddy: Did you uninstall the old drivers before installing the new one?
Nope. The instructions didn’t ask me to. I suppose it will just use a vanilla Microsoft driver if I do that? And actually boot? So then I can re-run the Catalyst install?
It is probably best to clean all old drivers first and reboot the machine afterwards. Windows usually offers generic drivers. Once the system boots install the ATI Catalyst drivers again to see if it makes a difference.
“gives any application access to the Graphics Processing Unit for non-graphical computing” means it’s basically the ATI/AMD version of NVidia’s CUDA which allows the GPU’s processing power to be used for other stuff than graphics, eg. for physics calculations (through PhysX in that case). That can lessen the load on the computer’s CPU
Everything found in AMD Catalyst, plus the OpenCL driver Users can still grab all of the individual AMD Catalyst components as well (which will also include the OpenCL driver as well)
Highlights of the AMD Catalyst Accelerated Parallel Processing (APP) Technology Edition 10.10&up Windows release include:
Introduction of AMD HD3D Technology
*Blu-ray 3D support
•This release of AMD Catalyst provides support for Blu-ray 3D playback
•Requires Blu-ray 3D player software, 3D supported display and 3D Stereoscopic glasses*
•Supported on the AMD Radeon™ HD 6800 Series GPUs
Stereo 3D gaming support
•This release of AMD Catalyst provides support for Stereo 3D gaming via 3rd party middleware from Dynamic Digital Depth (DDD) and iZ3D
•Requires 3D supported display and 3D Stereoscopic glasses*
•Supported on the ATI Radeon HD 5000™ Series and AMD Radeon HD 6000 Series GPUs
Video accleration for HD WMV video content
* This release of AMD Catalyst provides video acceleration support for WMV HD (Microsoft video codec) under Windows 7
* Supported on the ATI Radeon HD 5000 Series of products
Enahnced Dynamic Contrast video controls
* This release of AMD Catalyst enhances the Dynamic Contrast setting found in the Catalyst Control Center by adding support for histogram based detection
Information was found on various websites.
Just adding my 2 pennies, I think the APP drivers helps GPU intensive apps run concurrently without crashing. I have an ATI 5870, the usually (non-APP) 10.11 ATI driver crashes (after a few seconds) when I run a 3d game (CoD Black ops in windowed mode) along with running a flash based (TV stream) on firefox. Symptoms are: Game hangs momentary (which I then am forced to close), flash player crashes and ATI driver recovers from a crash.
With the APP drivers installed, this concurrent usage of my GPU seem to run both apps smoothly without crashing. Thanks ATI for the new APP drivers. Things work better now. (Mind you I have not exhaustively tested this! Just a
over an hour of game play while streaming TV). Things use to crash within a few minutes of running the two apps together.
Thanks for your 2¢. i was wondering abt this and I also have the same gpu and stream on my big screen through it while some other gpu intensive thing on the other. I have noticed , though when i play a bd movie in PowerDVD10 ultra player now my gpu shows zero use through out the whole movie. not sure if it is connected and cyberlink corp can not respond to this adequately at all. so far they dont know what i am saying. I use afterburner 2.0 and have the graph showing gpu use and fps and it works . non blu ray dvd show action and appropriate fps60 or 24 depending how i have it set. so it works. i usually use my stand alone blu ray player but i sometimes just keep the one in my computer active and check to see if things are correct and since adding the APP drivers i notice this anomaly, if it is unusual. i would have thought the gpu would be more active for blu ray play back, no more since adding APP but getting 0fps and 0% activity for the whole movie does not seem right. no comments from amd or cyberlinnk so far
Is there any program or games to day that use
Accelerated Parallel Processing (APP) Technology
Thanks for the info… was wondering why the 2 versions myself. Still don’t know why they just auto update drivers.
So with all these wonderful things that this “APP technology” does the question still remains, why on earth is amd even continuing to release the drivers/catalyst without it?
B/C some people have the i7 with 8 cores and realy dont nead thier GP doing any extra work…. and with 6-12 Gigs of mem running at 1600 mhz the pc screams…
It would be cool if the next version of Photoshop utilized this in order to process renderings faster. That would rock.
how do you know that your graphics card is app tho
CyberLink’s PowerDirector 9 Ultra64 can use this technology. That’s why I came to this discussion.
Yes , prog CyberLink PowerDirector ..it offers Smart Video Rendering Technology (SVRT), and is optimized for NVIDIA CUDA technology, AMD Accelerated Parallel Processing technology, Intel Core family processors, and AMD multi-core central process units.
Some comments seem to refer to other articles…
I made the mistake of accepting HP ink subscription package for some months, then I unsuscribed it. A guy told me that so doing HP had remotely changed my all-in-one printer firmware forcing me to use only original ink cartridges.
Is there any way to revert the firmware to the original one, allowing me to use generic ink cartridges?
Thank you.
Not only HP printers by the way : the same shameful practice with the Epson 9900 series printer :
[https://www.youtube.com/watch?v=M84u_8hAFzU] on YouTube
[https://piped.frontendfriendly.xyz/watch?v=M84u_8hAFzU] via this Piped instance.
They make money with the ink cartridges, it’s almost that they’d offer the printer for free.
EDIT, off-topic : the article on it’s very page as on Ghacks Homepage is shown as having 0 comments …
There seems to be a mix-up : comments relate to another, older article.
“Launching the subscription-based service HP+, which, as a feature, blocks using third-party ink for the lifetime of the printer, even when customers unsubscribe later on.”
This is outrageous — just like the rest. I’ll make a good note never to buy HP. Nor ink-jet printers, incidentally. Laser is the way to go.
Its remarkable how much Printer makers can get away with it. Its as if this is the first time such companies have been caught doing anti-consumer things.
– Cartridges having very little ink in them on a small sponge.
– Printers flagging falsely flagging printers for repairs for no reason whilst locking out users.
– Printers locking out cheaper third party ink.
– Placing stickers over the USB ports claiming there is none to force people to use ethernet or wifi so the companies can push these so called updates to disable and control your printers.
– Disabling unrelated parts of your all in one printer.
– Forced subscriptions.
– Time bombed hardware.
– Overly expensive ink.
– Falsely claiming ink cartridges are empty when they are not.
The list goes on and on really and yet nobody has done anything about it. Where is Europe on this? Where are the morons that glue themselves to the roads on this or the league against straws.
There is just no oversight for this reckless industry. They have been getting away with murder for years.
I’ve seen some people say that it is cheaper to buy a new printer when the included ink cartridges run out and throw the one they have in the trash which says a lot doesn’t it.
HP is pretty much a known scumbag in the industry but they aren’t the only one, they all do it to one extent or another.
There seem’s to be an issue with comments.
This article is about HP all-in-one and the comment count is 0, but there are multiple comments older for an AMD GPU article.
I beg your pardon, the first comment is from year 2010!
What the hell? :S
Being an “old fart”, maybe it is easier for me than others, but I find myself choosing older items over this kind of HP crap. Yesterday’s Caddilac is much more dependable, safer and cheaper to operate than the modern day Tesla.
Good Lord, November 2010! I think it’s time to forgive HP and move on now some 13 years later. Poor HP. People not letting go of resentment. :-P
New and old comments are appearing in unrelated articles.
I’m making this article in the Lenovo Legion Go leaked images, and it will appear in other articles too.
laptops The description underscores how top brands such as HP, Dell, and Asus are making gaming accessible without a hefty price tag. It’s important to prioritize features like speed, memory, graphics, and processing power when selecting a gaming laptop, ensuring an enjoyable gaming experience without overspending.
No idea what “[…] than ever …” is supposed to mean in the title. It looks like it’s missing a word.
:S
Why are the comments sections in all of the articles from many years ago???? The comments here are from 2010!!
Ghacks has gone way downhill since Martin sold it. The owners don’t give a damn, apparently, as it’s been like this for weeks.
It’s been going for far over a week now. The fact this Comments section is neither fixed nor simply and honestly removed is perhaps relevant of the owner’s plan to let it slowly but surely become obsolete, check if the number of visitors falls as well and if not then remove ‘Comments’ for good, maybe by January 2024.
I’ve spent many splendid years reading comments, replying, commenting myself here, especially when Ghacks was independent. Comments are so complimentary of articles. End of an era as it seems.
@Tom Hawack,
I feeling so too.
“M&A” is used regularly by Microsoft as a means of “ruling out rivals”, and Softonic’s acquisition of ghacks.net seems to be no exception. It is very disappointing.
As is clear from the case of Elon Musk, who acquired Twitter, there are things like locking and deleting comments, authentication systems, etc.
The future of ghacks is uncertain, and it looks like it will end in tragedy.
Advances in digital technology are exposing a chaotic and irresistible oppressive reality. Far from being “bright and happy,” the future feels “dark and gloomy” with despair.
Nice and good words by @Tom Hawack, I feel near the same feelings with this site. I arrived here while suffering very bad moments at my life when a good friend of mine died of cancer disease. I can’t barely remember when was my first comment, however I think that I have been here since 2018 if my memory doesn’t fail. Anyway, there have been so many years reading good articles and also reading some good comments by some good users. Now I am starting with my first job as forestal engineer at long extension areas of Spain so I will have very reduced time to read and comment, however I will continue visiting this site to remember the good times. Thanks to you all for your efforts and also for the great patience, over all to @Martin, @Ashwin, @Tom Hawack, @owl, @herman cost, @violetmoon and so many other users! You all are the best! :]
Tom, the issue appears to have been fixed. Terribly sorry that it took this long. Can you please verify? Thank you!
@Martin Brinkmann (said on September 8, 2023 at 2:33 pm),
According to my RSS reader, this reply appears to be directed at @Tom Hawack (ghacks.net/2010/10/31/whats-the-amd-catalyst-accelerated-parallel-processing-app-technology-edition/#comment-4573217).
I also replied to Martin (ghacks.net/2023/07/24/pokemon-go-routes-not-working-how-to-fix-it/#comment-4573350) in my reply, but I don’t understand that the series of troubles has been fixed.
In the case where comments on Avast articles (Get Protected the Right Way with Avast Free Antivirus: ghacks.net/2023/08/07/get-protected-the-right-way-with-avast-free-antivirus/) were deleted that I first pointed out to Martin, It It remains disappeared (and nowhere to be found), remaining unchanged.
And the inconsistency in “association between articles and comments” remains unchanged and incoherent.
What exactly was “fixed”?
@Martin Brinkmann,
Incidentally, some of the Comments I posted a few days ago remain blocked.
Example at (ghacks.net/2010/10/31/whats-the-amd-catalyst-accelerated-parallel-processing-app-technology-edition/#comment-4573248),
and more (ghacks.net/2023/09/02 /microsoft-is-removing-wordpad-from-windows/#comment-4573267).
I would also like to know why it is blocked.
@Martin Brinkmann,
I’m guessing from your most recent article post,
>> ghacks.net/2023/09/08/google-enables-real-time-checks-in-chromes-safe-browsing-security-feature/#comment-4573399
the fixed Martin mentioned is that “From future posts, the association with the article will be properly established.”?
However, is it impossible to fix the association of comments for a large number of articles that occurred during this period (8/15-9/7)?
If ghacks.net were to leave these messed up associations in their articles, Subscribers who don’t know about these things will be very confused when they see the article.
And one more thing, what about the disappeared (erased) Comments?
If all of them have been corrected successfully, it can be said that problem have been “fixed”.
Regarding the Comment block and the missing Comments, I feel that there is a need for a clear official statement (by Softonic) on paper for ghacks.net subscribers.
@Martin Brinkmann,
It was just a while ago,
The Comment “Thread about HarmonyOS” posted by @Glyde on September 8, 2023 at 8:06 pm is about the article 2023/09/05 “Watch out Windows, you got a new competitor”,
but it’s linked to Martin’s article 2020/12/26 “How to sum numbers in LibreOffice Calc automatically”.
> ghacks.net/2020/12/26/how-to-sum-numbers-in-libreoffice-calc-automatically/
Please correct the links appropriately.
Regarding the article “Watch out Windows, you got a new competitor”
> ghacks.net/2023/09/05/harmonyos-pc-vs-windows/
Note!
After all, if we don’t fix all the articles with messed up associations, those articles will continue to get messed up. You can’t just leave it alone.
Note!
After all, if don’t fix all the articles with messed up associations, those articles will continue to get messed up. Can’t just leave it alone.
@David Arandale,
Note: I replied to you on September 6, 2023 at Around 2:30 pm, but it was still remain blocked after more than half a day, so I replaced the quoted URI scheme: https:// with “>>” and reposted.
The current ghacks.net is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, ghacks.net has changed in quality.
>> ghacks.net/2023/09/02/microsoft-is-removing-wordpad-from-windows/#comment-4573130
Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
>> ghacks.net/2023/08/31/in-windows-11-the-line-between-legitimate-and-adware-becomes-increasingly-blurred/#comment-4573117
As it stands, except for articles by Martin Brinkmann and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
>> ghacks.net/2023/09/01/windows-11-development-overview-of-the-august-2023-changes/#comment-4573033
By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.
>> github.com/martinrotter/rssguard#readme
@Martin Brinkmann,
Regarding my comments (#comment-4573235, #comment-4573237) before and after the reply to @Tom Hawack (#comment-4573236),
I posted it around 2:30pm (daytime) German time, but why is it still not showing up even after almost half a day?
gHacks, fuck off! i’m out.
MediaTek develops its first 3nm chip using TSMC process
Is this Apple A17 Pro GPU integrated in the up and coming iPhone 15?
The article and the picture does not make the distinction it being a separate device or integral to the iPhone 15.
“leaks”
“revelation”
“provides an exciting glimpse into Microsoft’s future plans for its Xbox Series X ecosystem, with a strong emphasis on innovation, design, and immersive gaming experiences”
ad
Well, I’m responding to a post from today on September 29,2023 – and the comments are still busted.
The post I’m responding to is the post about the introduction of the Raspberry Pi 5.
People responding to posts until this is fixed should identify the date and post they’re responding to in order to keep things reasonably rational.
With regard to the Raspberry Pi, I hope that they have fixed the sourcing issues and thus we won’t have to pay $300 for one over the next year. I won’t even consider a Raspberry Pi of any version until the prices come down.
Oops, that should have been September 28, not 29.
Good lord, now I scroll up and I see the post is about the Catalyst, not the Raspberry Pi.
This site is irretrievably busted. It should be shut down until fixed – or just shut down.
“Newegg offers the best overall deal, including a free Meta gift card (up to $25) and a free copy of Asgard’s Wrath 2. The 128GB and 256GB versions come with a $15 and $25 gift card, respectively”
Must be typo because there is only Meta Quest 3 128GB and 512GB.