|
The problem is that Yubikeys and similar are way too complicated for wide adoption at this time, and they often don't really offer any additional security when all the bad guy has to do is revert to the alternate authentication method in many cases. I don't think this is restricted to the Five Eyes types at all. For example, when I was using it with Gmail if the Yubikey doesn't work it asks me if I want to use an alternate method. I bet a high percentage of people have SMS as the backup method, and with some services that is the only available backup. Frankly, unless you are specifically being targeted I suspect that SMS is quite secure--the bad guys have to compromise it first. Sure, maybe that is somewhat easier to do than compromising other methods, but for most of us that little hurdle makes us not the low-hanging fruit. It's like locking the front door of your house. Any semi-skilled thief won't be delayed more than a minute by that with most locks and doors, but that is just enough to mean they are likely to bypass you and instead try the next door down that may be unlocked.
|