The yubikey or something similar needs two parties – you and the service you are trying to reach – who implement the yubikey interface. (It appears the yubikey may be able to function as a standalone password manager, but that interface has a lower security level.) I have used similar security tokens to work from home and they work quite well. If the token breaks, reaches end of life, or is lost, you simply register for a replacement.

You might check with the service (bank, CC company, etc.) and see if they offer such a token based service.

If you want to raise your paranoia level a bit, set up a separate computer that you use ONLY for accessing those services (bank, broker, etc.Z) you want to be secure. That means no email, no Facebook, no Twitter, no Amazon, no web surfing, no iTunes, no podcasts, no youTube, no Netflix, no music, etc. If it is a Windows PC do not use their browser. Install the minimum software needed to access your services and buy a well known security suite with a good firewall and virus scanning software. Set up two userids on the PC – one with administrator privilege and one without. Use the account without admin privilege for talking to the service and the one with admin privilege for doing installations and upgrades. Turn off all file sharing and access to other devices on your home network. Never use your secure PC on a public network. Keep your security software updated and go for it. (Do I do this? No. I think Kim may have alluded on air to maintaining a separate PC for her business activities, but you’d have to check with her. I don’t know of many people who use this approach.)

As always, your mileage may vary,