Continuing on with my year of digital security ideas, I wanted to share a few short thoughts on some lessons I learned using LastPass and YubiKey.
- Before I committed to switching to LastPass, I tried it out. LastPass uses a Master Password and I generated it in my KeePass. However, I didn't save my KeePass vault for some reason. Never forget your LastPass Master Password or you will be sorry.
- Always generate a few one-time passwords (OTP) to get into your LastPass vault just in case.
- After you receive your YubiKey, be sure to sign up for the Yubico Revoke Service and add your key. This allows you to revoke your YubiKey in the YubiCloud authentication service in case your key is lost or stolen. You have to physically have your key to add it to the revoke service -- you cannot add a key if you do not have it (like after you lost it).
- Be sure to add your YubiKey to your LastPass profile and enable two-factor authentication.