I often find myself on the go without my laptop and need to use public computers, like those in internet cafes. I know this isn't the best situation for security, but I'm looking for tips on how to work safely in these environments. For logging into accounts, I'm considering using passkeys stored in 1Password since they should be safe from keyloggers, but I'm unsure how to supply the passkey from my phone without jeopardizing security. The computer only gives me USB options for passkeys, and I fear spyware could access content from a USB drive. I'm mainly looking to log into platforms like GitHub and Google. Would creating a public GitHub account and generating new SSH keys every time be a viable solution? I could rotate my API keys for added security, but I'm open to other suggestions!
3 Answers
Honestly, the best solution is to buy your own laptop. Don't trust someone else's computer for anything sensitive. If you're really in a bind, keep it simple and don't let anyone else use your devices either – ever.
You might want to consider using a virtual desktop service like Azure Virtual Desktop. That way, you can store everything securely on the cloud and use the public machine only as a terminal to access your stuff without directly interacting with potentially harmful software.
Using a hardware security key like a YubiKey is a great option. It plugs into the USB port and can't be copied or spoofed, making it a secure choice. However, I recommend avoiding public computers altogether when you can. The risk of someone snooping on the network is very real, so it’s best to stick to your own laptop and use a VPN when online in public.
That’s a clever workaround! It keeps your main resources secured while reducing the risk of public machines.