I manage a site for a utility company that does not do their own online billing. Rather they host links to the third party that does it.
I wanted to protect against Phishing attacks with these links.
The first thing I was going to do was add a plugin for a Yubikey.
Will that be sufficient or should I also do something else? I was thinking about signing the links with a PGP key, but that may be too complex for the users of the site.