Last Month, an article from Brian Krebs stated that no employee at Google has had their accounts taken over since they deployed YubiKeys for Two Factor authentication (Krebs, 2018). Below is a picture of my YubiKey which I’ve been using since 2015.

A YubiKey requires no power or drivers to use. You simply plug it in and press it when prompted for the Two Factor Authentication. The computer will read input similar to a keyboard due to the way the pins on the device are set up. Yubico’s Enterprise Level products can be configured to generate One-Time Passwords, encrypt/decrypt OpenPGP documents or emails, and more. In the case of mine, it uses the FIDO U2F standard and is good for securing web-based applications that support U2F. Read more

The push for encryption on the web has been going strong the last few years. As of July 24, 2018, Google Chrome will label all HTTP Sites as “Not Secure.” This is a push they promised to do several years ago and has now come to fruition. For that reason, I am proud to say that this blog is now 100% encrypted and secure!

This is primarily thanks to Let’s Encrypt, an initiative for free domain name SSL/TLS security provided by the Internet Security Research Group (ISRG). Thanks to this service, the adoption of HTTPS as a standard has grown. Let’s Encrypt has secured more than 100 million websites and is trusted by all major root programs. Read more