I am a huge fan of Yubikeys - small indestructible USB keys used for authentication and/or carrying keys.
Yubico has a page with a feature comparison here:
https://www.yubico.com/yubikey-function-comparison/
This blog shows how to use a Yubikey to logon to SAP Netweaver:
https://blogs.sap.com/2009/07/22/using-yubikey-otp-to-secure-your-portal/
The only problem I have is that technology moves fast, and so do the protocols. I have updated to the Yubikey 4, which leaves me with quite a few 'old' keys that I'm not really using anymore.
It also seems they don't want them back:
So, in a feeble attempt to push secure authentication I'm going to be giving them away. To be very clear: These are all older models with varying capabilities, none of them supports
FIDO U2F.
Here's how it works:
- Ideally you're still in education and interested in security.
- Comment on this blog and tell me what you're planning to do with a Yubikey.
- If I like your idea I'll contact you with my postal address. You must be able to send a self-addressed post-paid envelope to me (address in germany) - this is going to be your only cost.
- You have to write a blog post talking about what you did with the Yubikey, preferrably in an SAP context.
- The 7 Yubikeys on the picture are the ones available. I'll pick one randomly.
Let's go
😉