![]() Real question here - lets assume that I have a site that wants the 6-digit code entered to verify you are you (after you enter username+password). I like the concept of the Yubikey a lot, 'if' it worked everywhere as well as Authy does. They've been around enough years that they should have been able to find the time to get around to it. If a company that makes something like the Yubikey can't put the docs in plain layman's terms, then I don't know what to say. ![]() I have no idea what you are talking about with U2F or OATH or FIDO2 because this whole technology space is so horribly lost down in the leet dude terminology weeds.and I did IT for well over 40 years. I'd suggest Authy makes sense because you still have to log into the device, and log into Authy on the device, but yes if the device itself is potentially hacked that might expose your Authy password which opens another can of worms, depending on how paranoid you are. I guess I'm still not getting something in what folks are saying. There's no way to retrieve your OTP secrets if you lose your key, so it's best to have a spare key that you keep in sync or print out backup codes to store in a secure location.Įdit: worth noting that Yubico Authenticator is cross platform, so you can use it on your desktop by opening the app and plugging your Yubikey into the USB port.This won't matter unless you actively use and want to secure 32 different online accounts. You're limited to ~32 OTP secrets per key.There are a few downsides to using Yubikeys compared Authy: If you get the NFC versions of Yubikey, you can tap the key to your phone to automatically launch the Yubico Authenticator app, and the app will display your one time passcodes. So Yubikey 5 can entirely replace Authy as long as you have the Yubico Authenticator app on your devices. Yubikey 5 supports TOTP, HOTP as well as U2F, FIDO2, and Yubico OTP (those are the protocols used by the services you listed). If the places we 'really' want to secure like banks and investment places (Schwab to name one) don't support the Yubikeys, I'm uncertain why to buy more keys to have a backup and one offsite etc.Īuthy supports only TOTP and HOTP (the QR codes that you scan with your phone which generates one time passcodes). Ignoring the dinosaurs who only support SMS texts (which unfortunately I'm stuck with), given that everybody supports apps that do the same kind of thing to support 2FA, I'm struggling with why I'd want to buy more yubikeys. Yet almost everybody else who supports 2FA supports Authy, which works fine for me on all the platforms I use. email and other services: Google- social media: Twitter, Facebook- password vaults: Lastpass, Bitwarden- cloud: Dropbox and presumably Amazon (I didn't register a key there yet) ![]() ![]() Just looking at my list of Internet sites and supports that support 2FA, I see 20+ different sites where I have that enabled, yet only very few support the Yubikey, namely. I have a v4 yubikey from the old Wired magazine freebie offer from a couple years ago, which works fine when I can use it, but I find I can rarely use it because the various sites don't support the key. My big requirement is I need to be able to authenticate to sites from all those platforms (ignoring Linux, where I use ssh keys).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |