Hi Konstantin, On Mon, Nov 15, 2021 at 10:46 PM Konstantin Ryabitsev <konstantin@xxxxxxxxxxxxxxxxxxx> wrote: > On Mon, Nov 15, 2021 at 07:34:00PM +0100, Geert Uytterhoeven wrote: > > On a related subject, I am using Gmail for email (e.g. patch review), > > but not for actual patch submission (git send-email through my ISP's > > SMTP server). I do have app passwords set up for git send-email on > > my laptop (if I ever need to send patches while on the road, barely > > used so far) and for backing up email using getmail. > > > > Recently I received an email from Google that my account may be "at > > greater risk of targeted attack", and that they recommend enrolling > > into Google's strongest account security offering, the Advanced > > Protection Program. Apparently this makes use of a hardware token, > > the Titan Security Key. > > Well, I'm sure they wouldn't mind if you paid them money for a "Titan Security > key", but it's really just a rebranded Chinese-made U2F token and, as such, > not any different from any other U2F security key. You can get one from > Nitrokey (nitrokey.com) or SoloKeys (solokeys.com). I *do* recommend using a > hardware token for your Google account, seeing as it's increasingly tied to so > much of our online identity. Thanks for the explanation. Given it uses U2F, that means I cannot use the Nitrokey Start for that? Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds