Click to view our Accessibility Statement or contact us with accessibility-related questions
Drop Refurbished
Like-new products you can trustDrop Rewards
Get $5 for every 500 points you earn! Learn more
Drop Keyboard Club
Become a member and expand your keycap collectionCollaborate With Us
For Brands & DesignersFollow Drop
This is more like a hash between some private data stored on the device in a non-retrievable manner and the current time. That's how a naive implementation (like the one I built 15 years ago) would work, anyhow; this is by well-respected folks who've been in the business for years (and who've been collaborating on standards that some big names -- Google and such -- have signed on to). Inasmuch as I can trust anyone's work without directly reviewing it / reading the papers, YubiKey are folks who are pretty well trustworthy.
offtopic: if google signs up the nsa seems to be fine with it... maybe it is better if google does not sign up? :D
On the other topic -- just because the NSA has compromised links between Google's datacenters doesn't mean Google is okay with that. Quite the contrary, rather.