Comment by zdragnar
Yubikey in a safe deposit box is about as good as we can get, at least for the services that allow it.
Actually, this is now a solved problem. Root-of-trust pattern.
- Use Bitwarden or similar
- Set BW to recognize the Yubikey as one (of several, incl. a TOTP ('Authenticator') code) second factor.
- On all other sites and services, generate passkeys (which are essentially virtual yubikeys) and save them in BW.
- In BW, save the password and TOTP. BW itself, on another device (or in a separate incarnation - e.g. the desktop app when authenticating the browser extension) is now your everyday means of authenticating to BW.
- BW-stored passkey is now your standard means of authentication for e.g. GitHub, Google, etc.
- Put the yubikey in a safety deposit box
- Bravo, you have a very professional trust system
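The setup in the list above, modelled as a small added example (my own code, not from the thread) so the trust chain can be checked rather than argued: which factor is a single point of failure, what you lose if a factor is lost, and whether reaching a newly created account ever requires the key in the safe. Credential and service names are constructed for illustration.

```python
from typing import List, Set, Tuple, Union

# A requirement is a credential name, a service name (which has its own
# requirement in POLICY), or ("all" | "any", [requirements...]).
Req = Union[str, Tuple[str, list]]

# Constructed policy mirroring the comment above (names are illustrative).
POLICY: dict = {
    # Vault: master password AND one of several second factors.
    "bitwarden": ("all", ["bw_master_password",
                          ("any", ["yubikey_in_safe", "totp_app", "trusted_device"])]),
    # Everyday services use a passkey stored in the vault, so reaching them
    # means reaching the vault.
    "github": ("any", ["bitwarden"]),
    "google": ("any", ["bitwarden"]),
    # An account created tomorrow: its passkey is generated into the vault.
    "new_service": ("any", ["bitwarden"]),
}
ALL_CREDENTIALS: Set[str] = {
    "bw_master_password", "yubikey_in_safe", "totp_app", "trusted_device",
}


def can_access(req: Req, have: Set[str]) -> bool:
    """Evaluate a requirement tree against the credentials currently in hand."""
    if isinstance(req, str):
        if req in POLICY:                  # a service: recurse into its policy
            return can_access(POLICY[req], have)
        return req in have                 # a raw credential
    op, parts = req
    results = [can_access(p, have) for p in parts]
    return all(results) if op == "all" else any(results)


def lockout_after_losing(lost: Set[str]) -> List[str]:
    """Services that become unreachable once the `lost` credentials are gone."""
    have = ALL_CREDENTIALS - lost
    return sorted(s for s in POLICY if not can_access(s, have))


def needs_yubikey_for(service: str) -> bool:
    """True if the service cannot be reached without the Yubikey in the safe."""
    return not can_access(service, ALL_CREDENTIALS - {"yubikey_in_safe"})


def single_points_of_failure() -> List[str]:
    """Credentials whose loss alone locks you out of at least one service."""
    return sorted(c for c in ALL_CREDENTIALS if lockout_after_losing({c}))
```

With this policy the only single point of failure is the vault master password; losing the Yubikey alone locks nothing, and a new account needs only vault access, not a trip to the safe.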
The problem with this tactic is the need to go get the Yubikey every time you make a new account.