Si OAuth2 reste un concept flou pour vous ou que vous voulez tout simplement être sûr d’avoir compris ses rouages, cet article devrait vous intéresser.

The yubikey is a small device that act as a token generator for authentication system. Yubico build them and, as they're seen as a Universal Keyboard, they can be easily interfaced with any kind of system.
From generating OATH token, to One Time Password systems, going by Radius and OpenVPN server authentication, they can be used for a lot of funny things and, among other thing, it's free software (not free hardware, alas). The token is at $25 and you can order them by huge quantities.
Simply put, it's a good token for it's price and, given my threat model (my computer being stolen) it is enough.

We don't need a new version of OAuth 2. The current version provides sufficient options for developers to implement most types of applications. Many services such as Facebook, Github, and Google have already deployed OAuth 2 servers, and deployed implementations win. The OAuth 2 spec itself leaves many decisions up to the implementor. Instead of describing all possible decisions that need to be made to successfully implement OAuth 2, this post makes decisions that are appropriate for most implementations.

This post is an attempt to describe OAuth 2 in a simplified format to help developers and service providers implement the protocol.