@ethin: Which ubikey did you get? There's the newer usbC ubikey5 for $60, and then an older one for $20 or so. The $20 one would be tempting were it not for the fact Lastpass doesn't support it, which leads me to believe it's got an older, weaker encryption protocol. Also, good to know re: the desktop app. I wonder if that's something you could change in the config, i.e. what server to connect to. Then again, the source is always available, so it's nothing short of recompiling a redirected custom build that has the proper server details.
@supremekiller: It's a jury-rigged solution. I wrapped the compiled executable in Software Passport/Armadilo drm protection with no default/trial certificate. There's a persistent check for the flash drive as part of the hardware fingerprint, using native usb drive serial number detection. Being as it's python, I had to have it leave the data-after-execution alone, so while it isn't exactly layet upon layer of protection, it does the job. If a keystroke logger caught my master password, I wouldn't always have my flash drive plugged in, so I could move the pwm to another machine and see what's wrong on the primary, kill the problem, and quick change my master pass. No background processes are launching the thing without the flash drive inserted. And there aren't many passive strongarming utilities to break a program out of an Armadilo shell, being as most programs are for obvious reasons not autonimous, seeing as their original purpose would be to crack a program, not to passively strip a non-commercial password manager out of its shell. IT isn't perfect though, since the device is just a flash drive, not a ubikey. So I don't get the benefit of having to touch the key physically before it activates.