As you know, based on a few of the tutorials that I’ve published recently, I have a YubiKey that I’ve been learning how to take full advantage of. In previous tutorials I demonstrated how to implement U2F in your web application, but most YubiKey devices do so much more than just U2F authentication. For example, the YubiKey NEO and YubiKey 5 have support for U2F, FIDO2, OpenPGP, OTP, and a bunch of other crazy technologies.
In this tutorial, we’re going to explore using the YubiKey as a smart card for storing our PGP signing, encryption, and authentication subkeys.Read More
There are a lot of password managers on the market, some in the cloud, some local, all with features that may or may not be useful in all circumstances. I’m personally an advocate of being in control of your secure information and shedding reliance on closed source or cloud alternatives. This is why I use pass, the standard unix password manager.
The pass application is Mac and Linux compatible, but Windows support probably isn’t impossible. The application works by maintaining a list of password files that have been encrypted using GPG, a widely used cryptography software. Decrypting the files will result in access to your password information.
We’re going to take a look at using pass and see why it is a convenient option for password management.Read More