4/16/2023

Qtpass yubikey

If all I need is a few seconds with your Yubikey to insert it (or install malware on one of the computers in which you might insert your Yubikey) and swipe the private key material and then be able to "unlock" any site you've used your key with, including ones you register for in the future, that's bad. While this might be desirable, it reinforces my statement above that the ability to extract the private key material through any means short of physical possession and destruction of the original device is unwise from a security perspective. Essentially, it's like making a copy of your house key with no ability to restrict use. If you could duplicate the key, at least in the way Yubikey handles key pair management, you would be able to sign challenges for any site the original key was enrolled with, whether before or after duplication.

Surely there should be a safe way of backing up (on schedule - once a day or week or something) your key to a second key in a safe location and not having to have your backup key on your person a lot of the time?

Further, I've done some reading on the U2F spec, or at least how Yubikey implements it:

Surely a backup key is very important and like car or house keys, they should come with a spare?

Store and query approximately 30 OATH credentials.

Handle Universal 2nd Factor (U2F) requests.

I use pass as my password store, with an RSA 2048 key on my yubikey.

Depending on the model, it can: Act as a smartcard (using the CCID protocol) - allowing storage of both PGP and PIV secret keys.

Oh my goshness QtPass is the worst on Windows I spent way too much time trying to.

Strongbox integrates with iOS Auto Fill, and provides a whole host of other security enhancing features. It supports the long trusted, open source KeePass and Password Safe formats while providing a clean, modern and intuitive user interface.
Backups should also be pretty much a scheduled thing, they shouldn’t rely on the person remembering that “oh, I signed up for something new during the week, I need to go and add that credential to my backup key next time I’ve got the safety deposit box open and my laptop fired up.”

The YubiKey is a small USB Security token.

Strongbox is a personal password manager for iOS and Mac platforms.

If I get mugged or something both devices would be lost. But that means you basically have to have both keys on you whenever you sign up for something which could pretty much be any time, meaning you need them both on you pretty much all the time, which means that it’s not really a backup.

I have been wondering though, the keys can’t be cloned, replicated or backed up as such, from what I hear the only option is to register the second one on all your critical services. I should have bought two of them I guess, but they’re so unaffordable when you’re importing them, I just can’t. I’m waiting for the international shipping.