Recently I came across YubiKey, which is a hardware token generator from a young Swedisch comapny called Yubico. YubiKey is a small and slim USB device with just one button. If you push it, the device produces a 1-time password and sends it to the server. Compared to token generators in card format, you don't need to manually enter your 1-time password anymore through a computer keyboard, which makes YubiKey unreachable for trojans directly listening to keyboard entries. One more remarkable thing is, that Yubico offer an identity platform for their device, which already contains an OpenID Server.

If this device holds it's promise, there should be reason to worry for the other players in the strong authentication market. I wrote a mail to Yubico's CEO Stina Ehrensvärd, asking for some background and a sample device, and got an answer within minutes. So I'now waiting for the YubiKey and will keep you informed.