You can use it on mobile, and it will cross-verify, it may, like I said, needs to be looked into. It is a new tech and I don't know much of it.
It's 2 factor authentication, something you are and something you have. The something you have is your "trusted device" which functions as a token, and then the something you are is either your fingerprint or your face. So you have to use a device that you own or trust. You would not want to trust a public computer.
But it looks kind of promising for anyone that has to access accounts off of computers besides their own at home or a secure work area.
LifeHacer Secure USB
Edited by user Tuesday, October 27, 2015 12:36:23 PM(UTC)
| Reason: added hyperlink
The problem with this is that if you plug your thumb drive into an unknown computer that automatically copies all of your files... now that computer has the file that is your key...
This type of authentication is called a token. And the problem with this type of token... is that the key never changes. So your key could be compromised without you ever knowing. You don't need to lose your USB thumb drive to have your key compromised. Someone just needs to get the data without you knowing...
So.... auto file copy on a public computer, that is also running a key logger... and all of your passwords are compromised.
The solution to this, is having a key that is constantly changed.
In enterprise solutions that use a token as a form of authentication, the key will be changed every 30 minutes. So even if the key get's compromised, it is only vulnerable for a maximum of 30 minutes.
If you want to use this setup, you need to change your key from a trusted computer, every time you plug that USB drive into an untrusted computer.
Key Loggers are a concern in the Internet cafes, of course. Most of my friends, where I might log on their computer, are not techy enough to run a key logger, but since they do not live in a vacuum tube, there is always the remote possibility.
At some point it becomes such tail chaser, I feel like rolling myself up in bubble wrap and throwing myself off a cliff into the stormy grey seas!
But I think, I will try it. If possible, a read only, LastPass/Sesame secured thumbdrive with a browser installed so I browse from the thumb drive, not the host computer. Then I will clasp my hands together and beseech the Fates for a good toss of the dice!
The keylogger will capture your master password. The auto copy of all your files on your thumb drive will capture your key.
Your friend's do not need to be tech savy. There are plenty of example of malware that will install a software based keylogger unbeknownst to the user.
You can protect yourself... but it is expensive... Cyber security is a complicated thing... that's by big companies spend millions trying to protect themselves!
Well, yeah. It is probably protected a LOT more :P
I also noticed that Amazon is now offering two factor login, though it uses your cellphone to send you a special login pass code. And that tidbit came courtesy of the HH newsfeed. Handy, that.
I would go with 2 Factor Authentication.Always. Period.