Comment by sam_lowry_

Comment by sam_lowry_ 11 hours ago

0 replies

View on Hacker News

A Google or Apple phone carrying encryption keys to my precious servers? Hm... I feel already pwned.

Jokes aside, I can not be bothered installing ssh keys on my phone. Phones change, get broken or stolen. Ssh clients on phones change as well and can not always be relied upon. I want to be 100% sure I can have ssh access to my servers in whatever improbable situation.

As for Yubikey... I used it for a while as a keyboard emulator to generate a string to prepend to my corporate laptop password that had insane strength requirements.

For personal and small business auth... it is too complex and brittle.

And frankly, what's the problem with a strong password? Like... a quote from Netzsche translated in a mix of French and Dutch with a couple special chars thrown in?