Yubikey and other validation methods

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › Desktop computing › Yubikey and other validation methods

gnfb

2685 posts

Uber Geek
+1 received by user: 197

ID Verified

#280626 30-Dec-2020 10:14

Cant seem to find one other than a comprehensive article on yubikeys.

so my question. When starting out on the hardware key road of password etc validation. Is there a suggestion and a avoid comments?

It seems that yubikey is at the head of the list to me.

Is an English Man living in New Zealand. Not a writer, an Observer he says. Graham is a seasoned 'traveler" with his sometimes arrogant, but honest opinion on life. He loves the Internet!.

I have two shops online allshop.nz patchpinflag.nz
Email Me

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2628053 30-Dec-2020 10:28

Yubikey is really good.

Form factor is important - USB-C keys are available and work on new laptops, Android phones. NFC is available with these keys so work in Android, iOS and some laptops with NFC readers. Software 2FA such as authenticator still more widely supported though. Also if using Windows 10 with a fingerprint reader-enabled laptop you can use that as a hardware key but only on some sites (this also work on Android but again, limited site support).

- Authenticator app (Authy, Google, Microsoft, LastPass)

- USB key

- USB-C key

- NFC

- Fingerprint

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

MackinNZ

450 posts

Ultimate Geek
+1 received by user: 119

Lifetime subscriber

#2628056 30-Dec-2020 10:38

Excellent video on Ubikeys from Crosstalk Solutions

https://www.youtube.com/watch?v=ybn9J4QCqK4

gnfb

2685 posts

Uber Geek
+1 received by user: 197

ID Verified

#2628126 30-Dec-2020 16:08

Thanks for the info the video was well worth a watch

I have one on the way from Ascent

Thanx again

Is an English Man living in New Zealand. Not a writer, an Observer he says. Graham is a seasoned 'traveler" with his sometimes arrogant, but honest opinion on life. He loves the Internet!.

I have two shops online allshop.nz patchpinflag.nz
Email Me

Tinkerisk

4798 posts

Uber Geek
+1 received by user: 3660

#2628149 30-Dec-2020 16:58

gnfb:

I have one on the way from Ascent

If you stick with it, you'll need a second one (emergency key, not necessarily with NFC but a second one) ;-)

- NET: FTTH & VDSL, OPNsense, 10G backbone, GWN APs
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT: thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D: two 3D printers, 3D scanner, CNC router, laser cutter

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2628157 30-Dec-2020 17:10

In case you do not have an alternative factor such as authenticator app or recovery code.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Tinkerisk

4798 posts

Uber Geek
+1 received by user: 3660

#2628170 30-Dec-2020 17:27

freitasm: In case you do not have an alternative factor such as authenticator app or recovery code.

Agree. But imagine your smartphone has been lost (preferably with your keychain) ...

And typing recovery codes is possible but not very handy.

Geekzone support

Support Geekzone with one-off or recurring donations Donate via PressPatron.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2628199 30-Dec-2020 19:59

As I said, the phone could be backup.

Reality is TOTP authentication (apps) is more widely used than hardware-based (FIDO) so there is some use for hardware keys but a lot more use for app-based keys.

I have a Yubikey and use it where possible but use the app a lot more.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2628207 30-Dec-2020 20:41

Disadvantage of hardware obviously that you need to have it with you, and if you lose it it's a problem. Also means it's difficult to share, not a big problem for an individual but in an organisation / when you have a service provider it makes given access to systems (eg root access to AWS accounts) quite difficult and a slow process that may required a courier to be involved, which increases the risk of losing it.

I like Authy because it syncs MFA codes between devices.

mdav056

616 posts

Ultimate Geek
+1 received by user: 160

Subscriber

#2628228 30-Dec-2020 21:37

Santa gave me a usb fingerprint reader for my laptop -- saves a bunch of time/typing and works with Hello and Roboform too. Now i've ordered a Dell mouse+fingerprint reader for my main machine. Happy.

gml

gnfb

2685 posts

Uber Geek
+1 received by user: 197

ID Verified

#2628397 31-Dec-2020 11:13

freitasm: As I said, the phone could be backup.

Reality is TOTP authentication (apps) is more widely used than hardware-based (FIDO) so there is some use for hardware keys but a lot more use for app-based keys.

I have a Yubikey and use it where possible but use the app a lot more.

Ok I will do both I think get another key and the app

Havnt a clue question: The usb key that i have orderded can one add a usb to type c adapter? or does one have to buy the key that has usb and lightning ?

Is an English Man living in New Zealand. Not a writer, an Observer he says. Graham is a seasoned 'traveler" with his sometimes arrogant, but honest opinion on life. He loves the Internet!.

I have two shops online allshop.nz patchpinflag.nz
Email Me

gnfb

2685 posts

Uber Geek
+1 received by user: 197

ID Verified

#2628400 31-Dec-2020 11:16

One more question If i created a duplicate key could I then send that to my daughter in UK and she would be able to access all my stuff online? Or i suppose she could get the app and use that if she had all the right access codes?

Is an English Man living in New Zealand. Not a writer, an Observer he says. Graham is a seasoned 'traveler" with his sometimes arrogant, but honest opinion on life. He loves the Internet!.

I have two shops online allshop.nz patchpinflag.nz
Email Me

HP

Shop now for HP laptops and other devices (affiliate link).

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2628500 31-Dec-2020 12:21

You can use an adapter if you want.

You can't duplicate a key but some services allow you to add more than one key.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

fizzychicken

318 posts

Ultimate Geek
+1 received by user: 86

#2628513 31-Dec-2020 12:37

Ive had a yubikey 4 neo for a fair few years now, this version as I need the NFC for the phone. It is used as MFA for a bunch of services and password manager etc. I have OTP secret stored in a secured online vault. It lives on my house/car keyring. It has become the norm for me now and I use it wherever it is acceptable, which is most places I interact with.

I bought a second key as backup and stored the secret on a flash drive, I lost both of these in a house move ages ago.

I wish they would make a dual ended usba and usbc key that included NFC, I thought v 5 would have that but it ended up being dual usbc/lightning.

https://keybase.io/fizzychicken

Tinkerisk

4798 posts

Uber Geek
+1 received by user: 3660

#2628659 31-Dec-2020 17:24

freitasm: Reality is TOTP authentication (apps) is more widely used than hardware-based (FIDO) so there is some use for hardware keys but a lot more use for app-based keys.

Yes, it's usage depends of the intended use case and what you like/need to secure (I'm covered with for my needs).

gnfb

2685 posts

Uber Geek
+1 received by user: 197

ID Verified

#2634788 13-Jan-2021 12:26

So my key arrived

It took me i guess couple of hours to figure out how to setup and connect to my keepass

not for the faint hearted

Is an English Man living in New Zealand. Not a writer, an Observer he says. Graham is a seasoned 'traveler" with his sometimes arrogant, but honest opinion on life. He loves the Internet!.

I have two shops online allshop.nz patchpinflag.nz
Email Me

News and reviews »

New ECOVACS DEEBOT T80S OMNI Available Now
Posted 9-Apr-2026 11:11

Ring Brings 4K Video to Battery-Powered Doorbells
Posted 9-Apr-2026 11:01

Synology Announces a New Privacy-First Home Monitoring Experience for BeeStation Plus
Posted 9-Apr-2026 10:02

GIGABYTE X870E AERO X3D DARK WOOD Redefines the Motherboard
Posted 7-Apr-2026 14:06

Datacom Acquires Auckland Data Centre from T4
Posted 2-Apr-2026 09:43

Spark Launches Satellite Service with SMS and data options
Posted 2-Apr-2026 09:16

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright