Now ever since I got a label printer I made it a habit to… well… label everything. It’s been the a gamechanger in organizing my stuff.
This habit includes having a tiny label with my street address and mail address on most any item that I loan away or tend to regularly lug around with me as a general reminder of ownership. I forget about and lose stuff all the time, so this gives me some piece of mind with most of my medium-value little gadgets. I believe (and have experienced) that people are generally decent and will return lost stuff to me if it’s easy for them to find out to whom it belongs.
Now it has occurred to me that this practice might be detrimental when applied to a smart cards in general and my Yubikeys in particular. After all, shouldn’t a lost Yubikey be considered “tampered with/permanently lost” anyway, whether it’s returned or not? And wouldn’t an Email address on the key just increase the risk of some immediate abuse of the key’s contents, i.e. GPG private keys, that would otherwise not be possible?
Or am I overhtinking this?
You must log in or register to comment.
If you lost your house key what would you do
Get arrested for breaking into my own house.
Lololol
If you lost your house key what would you do
Depends on the circumstances. I mean, if forgot them in a restaurant only to get an Email from the proprietor or another customer 1h later to come and pick them up then I certainly wouldn’t assume them compromised and change all my door locks. I’d just be happy to have them back.
What would you do?Change my locks because it’s easy to do and prevents additional future stress
Change my locks because it’s easy to do and prevents additional future stress
Out of curiosity: what’s the maximum time you’d be willing to leave your house keys out of sight without changing your locks afterwards? Surely at some point the cost in time and money of changing your locks exceeds the utility of (Security-remains-uncompromised times likelihood-of-security-having-been-compromised-by-incident-in-the-first-place)?
I’m uncertain whether I expressed that correctly but surely there’s a spectrum here.Yeah that’s true, it also depends where I left my keys, it’s not just that they’re out of site.
Left in high traffic areas, if I were an especially risky individual (c-suite, management, etc), is it normally a high traffic area that was only low traffic due to the time (lurkers waiting to scrape up what they can after it’s quieted down), etc etc
Really it’s gonna boil down to how risky I interpret the situation to be at the time, etc
Yeah that’s true, it also depends where I left my keys, it’s not just that they’re out of site. Left in high traffic areas, if I were an especially risky individual (c-suite, management, etc), is it normally a high traffic area that was only low traffic due to the time (lurkers waiting to scrape up what they can after it’s quieted down), etc etc Really it’s gonna boil down to how risky I interpret the situation to be at the time, etc
Thanks for the input!
Should label it something cheeky for shits and giggles.
File off all the markings and add “16GB”? 😄
Do you have a throwaway email address that could be used instead, not connected to the accounts on that smartcard/yubikey? Perhaps put a phone number or PO box with the message “if lost please call/send to”. This worked for me in a major city, where I dropped my swipe badge and transit card. A nice gentleman called me & we met up a block away to pass it back. I then verified the access has not been tampoered with, and asked for new cards (just in case).
PO box or phone number are not an option around my parts, unfortunately, but a simple email alias is a rather obvious solution that I’m embarrassed to not have considered.
