I spent $40 on a hardware key and thought it was a waste until yesterday

For the longest time, I figured my password manager and two-factor texts were enough. I bought one of those Yubikey things on a friend's push, and it just sat in my desk drawer for months. It felt like a hassle for no real gain, you know? Then yesterday, I got a bunch of alerts that someone was trying to get into my main email from a different country. My password was strong, but they had it. The only thing that stopped them was the prompt for my physical key. I had to plug it in to approve the login. Without that $40 piece of plastic, they would have been in. It was a real wake-up call about how easy it is to bypass just a text code. Has anyone else had a close call that made a security tool click for them?

2 comments

2 Comments

kai_park4d ago

Man, I used to think those keys were overkill for sure. What finally convinced you to set it up after it sat in the drawer? Your story is exactly why I switched from texts to an authenticator app, but now you've got me looking at keys again. That's a scary close call, glad it worked!

lopez.karen4d ago

A buddy of mine got his email hacked because someone got into his phone account and took over his number. They used that to get past his text codes and cleaned out his crypto wallet. It was a total nightmare. He had a key in a box for months just like you said, @kai_park. After that mess, he plugged it in right away. Seeing him go through all that stress was my final push to stop putting it off. It just isn't worth the risk when the fix is so simple.