We’ve posted before about security keys—those little digital keyfobs that generate expiring security codes over and over and make it incredibly hard for someone to gain unauthorized access to your account. They’re a great idea, and now if you own an iPhone you can install a Verisign app that will work with Paypal and eBay, as well as about two dozen lesser known sites. It’s probably the easiest step you can take to vastly improve security on those accounts.
If you have a PayPal or eBay account, or use OpenID to login to participating sites, then for $5 you can add a second layer of security that is virtually impossible to break unless the thief physically locates you and steals a little plastic device. The PayPal Security Key is a small, keychain-ready fob with a unique ID that’s tied to your account. It generates a new six-digit code very 30 seconds, which you have to enter whenever you log in. The down side is you have to have your security key with you in order to read the code. But the benefits are huge: you basically have a 2nd password that changes 2,880 times every day—and that isn’t available anywhere online.
A major bank will offer Credit cards with built-in, constantly shifting passwords starting in May.
If it means I have to memorize one less arbitrary pin code in my life, you can tattoo a bar code on my forehead as far as I’m concerned. Still, many are worried about the privacy issues involved in implanted RFID chips, and the prospect of living in a society that may make them mandatory. Big Brother and all that.