| ▲ | jmole 2 hours ago | |||||||
Cobranded YubiKeys? Weird flex but ok. Seriously though if you are letting agents do whatever they want without a PR process that requires hardware authentication or proof of presence, you are putting your code and your org at high risk. | ||||||||
| ▲ | jallmann 2 hours ago | parent | next [-] | |||||||
> want without a PR process that requires hardware authentication or proof of presence Just curious, what do you use for this? I built OTP Guard [1] a few years ago for exactly this problem, although I haven't seen any alternatives in the space. Does GitHub have something built-in now? The original framing was more "local malware compromising your GitHub account" ... it never occurred to me that the malware could be a LLM. I really should update the page. | ||||||||
| ||||||||
| ▲ | kirab 2 hours ago | parent | prev | next [-] | |||||||
> Cobranded YubiKeys More interesting than that even, a tier of YubiKeys that does not exist outside of this cooperation. The supported features sit between a YubiKey 5C and a Security Key C and I did not find any other way to purchase this tier. | ||||||||
| ▲ | toomuchtodo an hour ago | parent | prev [-] | |||||||
Cobranding is just good marketing at minimal incremental spend when you're running off a batch of hardware. | ||||||||