Title: MtGox security: Yubikey vs Google Authenticator Post by: Rampion on March 19, 2013, 04:17:29 PM I've been awarded with a free Yubikey at MtGox. I had already set up a Google Authenticator, and now I have a doubt:
Which solution you like better? Yubikey or GA? I see two different pros and cons:
Opinions? Title: Re: MtGox security: Yubikey vs Google Authenticator Post by: Rampion on March 27, 2013, 08:32:32 AM I've been awarded with a free Yubikey at MtGox. I had already set up a Google Authenticator, and now I have a doubt: Which solution you like better? Yubikey or GA? I see two different pros and cons:
Opinions? You should have both setup. Both methods are two factor-authentication. even if both of those methods are compromised, you still have your regular user/pass as a security feature. Also, why would you keep your key on a keychain with other keys, coins, etc? your yubikey belongs to a safe place in your house and you should use it as a secondary method (if you have google authenticator enabled) At least that's my setup. I hope it helps. Thanks for the info. Si if I set up both (GA and Yubikey), I will just need ONE of them to withdraw (for example) - is it correct? That would be cool, because it would be like a sort of "backup" of the 2FA Title: Re: MtGox security: Yubikey vs Google Authenticator Post by: deathcode on March 27, 2013, 01:44:58 PM I've been awarded with a free Yubikey at MtGox. I had already set up a Google Authenticator, and now I have a doubt: Which solution you like better? Yubikey or GA? I see two different pros and cons:
Opinions? You should have both setup. Both methods are two factor-authentication. even if both of those methods are compromised, you still have your regular user/pass as a security feature. Also, why would you keep your key on a keychain with other keys, coins, etc? your yubikey belongs to a safe place in your house and you should use it as a secondary method (if you have google authenticator enabled) At least that's my setup. I hope it helps. Thanks for the info. Si if I set up both (GA and Yubikey), I will just need ONE of them to withdraw (for example) - is it correct? That would be cool, because it would be like a sort of "backup" of the 2FA |