this post was submitted on 03 Aug 2023
872 points (98.1% liked)

Asklemmy

43831 readers
1138 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] KrisND@lemmy.world 33 points 1 year ago (4 children)

Yubico Security Key, to secure your logins and more!

[โ€“] scumola@sh.itjust.works 5 points 1 year ago (2 children)
[โ€“] Clegg@lemmy.ca 2 points 1 year ago (1 children)

Same. I had high hopes but I find it less convenient than other 2FA methods.

[โ€“] FlappyBubble@lemmy.ml 2 points 1 year ago

Why? You can have it constantly plugged in and just touch it to login.

My favourite use is to secure SSH with it.

[โ€“] linearchaos@lemmy.world 2 points 1 year ago

Mine sits on my keys waiting for me to use my banking app or password manager from a new device. Sure for everyday crap like Facebook TOTP is fine.

If you're picky and choosey about what uses the yuppie key it becomes a lot more useful and less annoying.

I've seen projects to make one with a pi pico

I'm definitely trying it

[โ€“] cooopsspace@infosec.pub 2 points 1 year ago (1 children)

Minimum two, preferably three.

The second one is for backup purposes.

The third one is to go in your safe.

[โ€“] KrisND@lemmy.world 1 points 1 year ago (1 children)

Agreed. But the 3rd one I might put in a different geological location...that is if something already happened to 1&2...

[โ€“] cooopsspace@infosec.pub 1 points 1 year ago

The challenge with the keys is you need to set them up on every account and each key. So you can't have your recovery key that far away.

But merely as a backup key for your password manager, fine.

Most of my stuff runs OIDC and on my home server, so if my whole house gets washed away I have more problems than a lost key.

[โ€“] Noughmad@programming.dev 1 points 1 year ago

I only use it because my job mandates it. They allow us to use the same key for private stuff, but it's just too inconvenient.