16 March 2013

Locking your Mac with YubiKey and TokenLock

Sometimes I need to securely "lock" my Mac at work - and one geeky way is the combination of a YubiKey (an awesome tiny USB crypto device) and TokenLock (a *very* useful Mac-OS utility).

These two allow for:

  • locking the Mac if the Yubikey is removed
  • unlocking it, if the Yubikey is inserted again

Configure Yubikey

Start the YubiKey personalisation tool and edit the following settings:


Now write that configuration to "configuration slot 2" of your Yubikey.

Configure TokenLock

Second, you need to configure TokenLock to accept the Yubikey only, if it has the correct serial number.

Enter the TokenLock settings dialog:


Great. You're nearly done, one little thing…

Make your Yubikey your primary USB device for TokenLock

Select the USB tab and make sure, your Yubikey is marked "Has serial number".

Select a USB Device.jpg

You're done!

Btw: The guys from Map-Pin software provide GREAT support for TokenLock - which can monitor
bluetooth devices to lock/unlock your Mac… give it a try :-)