mguhlin

BoodleBox Curio

I logged into BoodleBox in anticipation of a workshop I’m facilitating in the new year, and was confronted with a new feature…well, several new features!

I asked BoodleBot why it had said Claude 4.5 Sonnet was more powerful than Claude 4.5 Opus. It didn’t realize that 4.5 Opus was available until I provided a screenshot. Here’s the confirmation after I asked it if this “new information” would endure for other conversations (I already knew the answer):

I do like how BoodleBot threw the BoodleBox team under the bus! Haha. It even crafted a short note:

To: BoodleBox Support Team

Subject: Update Needed for Bot Selection Guide – Claude 4.5 Opus

Hi BoodleBox Team,

I noticed that the Bot Selection Guide in the system prompt references Claude 4.1 Opus as the most powerful Claude model available. However, Claude 4.5 Opus (@claude45-opus) is now available in BoodleBox, as shown in the current model selector.

This discrepancy caused some confusion during my conversation with the AI, which initially provided outdated information about model availability.

Suggested Update:

  • Update references from “Claude 4.1 Opus” to “Claude 4.5 Opus”
  • Revise the description to reflect Claude 4.5 Opus as the current top-tier Claude model for maximum reasoning power and demanding intellectual tasks

This will help ensure users receive accurate guidance when selecting models.

Thank you!

Seriously, I remember how big a feature auto-routing chats was for ChatGPT, but then they backed away from it, as I recall since folks had gotten so attached to ChatGPT 4.x. Will the same thing happen with BoodleBox?

Probably not. I love these new updates to BoodleBox. Keep up the good work!

Practical Example

Since I was curious about YubiKey, I dropped this into the prompt to see which it would default to (ChatGPT 4.1):

The response came up super-fast. Here’s the entire response:

YubiKeys are physical security keys that provide strong, phishing-resistant authentication for your accounts. They can be used for two-factor authentication (2FA), passwordless login, and even as a way to generate one-time passwords (OTPs). Here’s how they can help you manage usernames and passwords, and how to choose the right one:

How YubiKeys Help Manage Usernames & Passwords

  • Two-Factor Authentication (2FA): YubiKeys add a second layer of security to your accounts. Even if someone knows your password, they can’t log in without your YubiKey.
  • Passwordless Login: Some services allow you to log in with just your YubiKey (no password needed), using protocols like FIDO2/WebAuthn.
  • Password Managers: Many popular password managers (Bitwarden, LastPass, KeePass, Password Safe, etc.) support YubiKey for 2FA. This means you can secure your password vault with a YubiKey, making it much harder for attackers to access all your stored usernames and passwords.
  • One-Time Passwords (OTP): YubiKeys can generate OTPs for services that support this method.

Compatibility

  • Supported Services: Not every website or app supports YubiKey, but hundreds do—including Google, Microsoft, Facebook, Dropbox, and most password managers. You can check if a service is compatible by visiting the Works with YubiKey Catalog.
  • Password Managers: If you use a password manager, check its documentation to confirm YubiKey support. Most major ones are compatible.

Which YubiKey Should You Get?

  • YubiKey 5 Series: This is the most versatile and popular option. It supports all major protocols (FIDO2, WebAuthn, OTP, smart card, etc.) and comes in different form factors:
  • USB-A, USB-C, NFC, Lightning: Choose based on your devices (e.g., USB-C for newer laptops/phones, NFC for tap-to-authenticate on mobile, Lightning for iPhones).
  • YubiKey Bio Series: Adds biometric (fingerprint) authentication for passwordless logins, but doesn’t support OTP or as many protocols as the 5 Series.
  • Security Key Series: More affordable, but with limited protocol support (mainly FIDO2/WebAuthn).

Recommendation:
For most users who want maximum compatibility and flexibility, the YubiKey 5 Series (choose the connector type that matches your devices) is the best choice. If you want fingerprint authentication, consider the YubiKey Bio Series, but be aware of its limitations.

🔧 Prompt Engineering Tips

When asking about compatibility or product recommendations, try to include:

  • The specific password manager(s) or services you use
  • The devices you want to use the YubiKey with (Windows, Mac, iPhone, Android, etc.)
  • Any preference for features (biometric, NFC, USB-C, etc.)

Example improved prompt:

I use Bitwarden and Google accounts on both my Windows laptop and Android phone. Which YubiKey model should I get for the best compatibility and security?

This helps me give you the most tailored advice!

The question that goes around in my head is what would this look like with ChatGPT 5.2 answering?

The ChatGPT 5.2 response:

What a YubiKey does (and does not do) 🔑

  • A YubiKey is not a password vault. It generally does not store your usernames and passwords
  • It’s a hardware authentication factor you use to sign in, usually as:
    • A phishing-resistant second factor (FIDO2/WebAuthn or older FIDO U2F)
    • A passkey on a key (a “hardware-bound passkey,” sometimes called a discoverable credential) (docs.yubico.com)
    • Optional advanced modes (only on some models): smart card (PIV), OpenPGP, OTP, and more (Yubico)

The compatibility question: “Will all my logins work with a YubiKey?”

Think in terms of what each site supports, not what your passwords look like:

  1. Best case (modern): “Security key” / “Passkey” / “WebAuthn” / “FIDO2”
    • Works well with YubiKeys and is the main reason to buy one (Yubico)
  2. Common case (still good): “Authenticator app code” (TOTP)
    • This can be YubiKey-compatible if you choose a model that supports OATH/TOTP (YubiKey 5 Series) (docs.yubico.com)
    • FIDO-only “Security Key Series” is typically not what you want if your plan is “put my TOTP codes on the key” (Yubico)
  3. Not compatible as a YubiKey login factor
    • Sites that only offer SMS codes, email codes, or proprietary methods with no “security key” option

Fast way to check accounts: look for “Security key” or “Passkey” in each account’s security settings, and use Yubico’s “Works with YubiKey” catalog for common services (for example, Google and Microsoft accounts) (Yubico)

Which YubiKey should you get?

Step one: pick your connector strategy

  • Mostly USB-C devices (newer laptops, newer iPads, iPhone 15+): prefer USB-C
  • Mostly older USB-A desktops/laptops: prefer USB-A
  • You want phone tap-to-use: get NFC (very convenient)
  • You have an iPhone 14 or earlier and want direct plug-in: consider Lightning (YubiKey 5Ci) (Apple Support)

Apple’s own guidance calls out YubiKey 5C NFC and YubiKey 5Ci as examples of compatible keys for Apple Account security keys, and notes connector differences (USB-C for iPhone 15+, Lightning for earlier iPhones, NFC works with iPhone) (Apple Support)

Step two: decide “FIDO-only” vs “multi-protocol”

If you only want the modern, best option (FIDO2/WebAuthn + U2F) and nothing else:

  • Security Key Series (lower cost, simpler) (Yubico)

If you want maximum compatibility across older systems and extra uses (TOTP-on-key, smart card, OpenPGP, OTP):

  • YubiKey 5 Series (most versatile) (Yubico)

Default recommendation for most people managing many accounts: YubiKey 5 Series with NFC in the connector you use most:

  • USB-C world: YubiKey 5C NFC (Yubico)
  • USB-A world: YubiKey 5 NFC (Yubico)

Step three: passkey capacity (if you plan to use passkeys on the key)

Yubico states current YubiKeys can store up to one hundred passkeys (device-bound to the physical key) (docs.yubico.com)

What to do first (practical rollout) ✅

  1. Start with your password manager account (if you use one)
    • Bitwarden supports FIDO2/WebAuthn “passkey” two-step login (Bitwarden)
    • 1Password supports using a security key as a second factor (1Password)
  2. Then secure your “keys to the kingdom”
    • Primary email, Apple Account, Google, Microsoft (Apple Support)
  3. Buy two keys, not one
    • Many services (including Apple’s security key feature) expect you to keep at least two so you do not lock yourself out (Apple Support)
  4. Register both keys everywhere, then store the backup off your keyring (safe, locked drawer, etc.)

A simple buying answer (if you want one)

  • Get two YubiKey 5C NFC if most of your devices are USB-C and you want the broadest compatibility (Yubico)
  • Get two YubiKey 5 NFC if you primarily need USB-A (Yubico)
  • Get two Security Key C NFC (or Security Key NFC) if you only want FIDO2/U2F for web sign-ins and want the simpler, cheaper route (Yubico)
  • Get a YubiKey 5Ci if you need Lightning for an iPhone 14 or earlier (Apple Support)

If you tell me which devices you sign in from (Windows or Mac, USB-A or USB-C, iPhone model), I can give a single model pick plus a “likely compatibility” checklist tailored to your setup.

Er, Which to Choose?

I’m not sure yet which to go with. I jump operating systems on devices and phones a lot, so I’m not sure this is the best option.

Discover more from Another Think Coming

Subscribe to get the latest posts sent to your email.

Leave a comment