Hi Konstantin,
On Mon, Nov 15, 2021 at 10:46 PM Konstantin Ryabitsev
<konstantin@xxxxxxxxxxxxxxxxxxx> wrote:
> On Mon, Nov 15, 2021 at 07:34:00PM +0100, Geert Uytterhoeven wrote:
> > On a related subject, I am using Gmail for email (e.g. patch review),
> > but not for actual patch submission (git send-email through my ISP's
> > SMTP server). I do have app passwords set up for git send-email on
> > my laptop (if I ever need to send patches while on the road, barely
> > used so far) and for backing up email using getmail.
> >
> > Recently I received an email from Google that my account may be "at
> > greater risk of targeted attack", and that they recommend enrolling
> > into Google's strongest account security offering, the Advanced
> > Protection Program. Apparently this makes use of a hardware token,
> > the Titan Security Key.
>
> Well, I'm sure they wouldn't mind if you paid them money for a "Titan Security
> key", but it's really just a rebranded Chinese-made U2F token and, as such,
> not any different from any other U2F security key. You can get one from
> Nitrokey (nitrokey.com) or SoloKeys (solokeys.com). I *do* recommend using a
> hardware token for your Google account, seeing as it's increasingly tied to so
> much of our online identity.
Thanks for the explanation.
Given it uses U2F, that means I cannot use the Nitrokey Start for that?
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
