Physical security keys are now mainstream
FIDO U2F Security Key
don't you have to break something in order to retrieve your password?
The yubikey neo is GOAT. Since basically nobody is doing u2f right now, the best 2 factor option is software authentication on most sites. Using the yubico authenticator, you can store and generate single use codes on your phone without ever putting your private keys on an easily compromised device. When more places catch on to u2f being the future, moving over will be seamless.
Yubikey gets lost
???
Fuck
Nitrokey or nothing. Open hardware and software, yubi is closed now
Is there a way to make your own security key from a USB flash drive? Seems like that would be cool, give you total control, especially being able to make back-up copies and stash them in case of loss/destruction of the main one. Would love to make my own universal key that is required to boot a computer, no matter what OS is installed on it. I've got about 20 old flash drives, like 1/2 GB up to 4 GB doing nothing useful in a box of obsolete tech I keep around because "maybe" I can find a use some day.
Not securely, USB device firmware is easily writable. Generic USB is not designed for this, hence why there are dedicated devices for the task.
They couldn't be bothered to put a little plastic around it?
So now you can get your shit stolen by literally anybody with a knife or something else the old fashioned way? Cool. Why fear Petros the hacker when Tyrone can just snatch your key for somebody else that paid him 50 bucks?
Go home and de-auth the key you gibbon. Or, I don't know, set a password on it? Bait harder.
lel the shilliest of shill posts
Use your phone with TOTP Authentication as a backup and remove the key as your authentication device in the event your U2F goes missing.
I've been using not U2F but OTP via Yubikey for some time now as additional factor for high security accounts at work. It's awesome. Other than any OTP app on my phone, it can't get hacked, and I just remove it from my accounts in case I lose it.
As mentioned above, just remove the thing from your accounts. I also have a cheap dedicated Smartphone without network access with an OTP app as a backup with me. In case even that's lost, there are recovery codes in a safe location.
U2F didn't make it into Firefox 56, too bad
This.
>smash key with hammer
>rip out drive and components
>weasel way to data
>???
>profit!
Why aren't fingerprint readers being put into all new laptops and standalone keyboards?
Seems like the way to go now that everyone is using them on their phones.
Ahh yes, the built in backdoor keys
I want one of these that will keep my phone unlocked while it's either plugged in or in range of a radio (NFC/Bluetooth) anybody know if any of these are capable of that?
Oh yeah, let's just hold vital biometric data on our cells and computers so the instant they're compromised so is the rest of our identity. Good fucking thinking toddler.
Yes they are being put into new laptops, and yes there are keyboards with a fingerprint sensor (see the new Microsoft keyboard, can't remember the name but it has a sensor built in to the Windows key). If you'd do your research you'd realise how many laptops have had a fingerprint sensor (I mean ffs have you never seen a business laptop from the last 10 years? ThinkPads, Dells, etc...)
Honestly, who are you hiding from that you think will go through all this effort just to see your anime porn?
Fuck off commie, I bet you let vagrants from the street watch you shower.
>dude why do we need pin numbers dude it just shows how much money you have dude the card is safe on it's own dude
>have a 2017 MacBook Pro
>fingerprint reader with information saved on encrypted Secure Enclave
>entire machine locked to Apple ID
>as useless as a stolen iPhone if you don't know credentials
>soldered, encrypted, proprietary SSD meaning malicious persons can't even access your information by getting to the drive
>iCloud 2TB storage for $9.99 automatically synced so even if my machine gets lost or stolen I can still download all my data, saved documents, everything
Wonderful, isn't it?
Because a Kingston 512MB old USB 2.0 stick can do same job.
All you insecure, lonely autists need better hobbies. Deep inside you know your imaginary enemies are not real and not a single normal human being is going to be interested in your porn collection, not even your parents because they probably have long given up on you anyway.
and as always
>his laptop doesnt have a fingerprint reader
Answer the question.
There is a legitimate reason for pins on bank cards.
There is no reason for a secondarily physical piece of shit that can break, get lost, etc and then you're shit out of luck. You people act like you have top secret information that people are actively trying to get when the reality is you got shit and no one gives a fuck.
Alright, mind installing teamviewer and letting me have a look around?
What exactly do you think will happen in this situation?
>Oh no the biometric data on all citizens has been compromised
...ok? And? What's the world-ending event that will unmake society in this situation? If anything we just distrust forensics a bit more, and people stop assuming that fingerprints are evidence of guilt. We'd probably be better off if this happened.
Because using an almost unchangeable piece of information for authentication is always about as dumb as you can get. Especially when you leave that unchangeable piece of information all over the place.
Face scanning
Fingerprinting
Retinal scanning
None of those things should ever be used for security.
In Apple's case the fingerprint never leaves your device and can never be seen by anyone not even Apple, it's stored in a security chip (Apple's Secure Enclave).
People are using this to approve payments so I think Apple knows what they are doing.
U2F was supposed to be a thing 5 years ago. Quite limited support.
If you can't see what is wrong with the statement you just made then you can fuck off Sup Forums right now.
I want to believe Apple are good guys about device security, heck if they could prove it I would actually buy Apple products.
But I just don't believe them.
Have the Yubikey, don't get this cheapass blue one it only works with a few things.
>$118 for a hoodie
These people deserve to have their fingerprints harvested.
Keep a few paper backup codes for your email and anything else critical. Put them somewhere you trust to be safe.
No hardware is verifiably open. If it were easy to validate there were no hardware back doors, it'd be easy to open the device and dump your keys.
>What are passwords
Retard.
I'm just saying. I've had a neo for a year and it's been nothing but a pleasure to use. If you have a competitor that can do what the yubico authenticator can do using nfc I'm absolutely willing to buy one, test it, and shill it too.
Bad plan. Never put your second factor on your phone. Phones should be treated as barely trusted devices.
Good
Fucking
Luck
The security processor on these things is designed to be really fucking hard to breach physically. And by "really hard" I mean you'd need a well equipped lab, an expert in microprocessor reverse engineering, and an electron microscope to get started.
Fingerprints is only beat by your face as the worst possible physical authentication method.
>Morons actually believe this.
So defending yourself against malware and exploits currently used in the wild is paranoia? Wow, thanks. I'm going to go back to using XP since all this new security bullshit is just the result of paranoid delusions.
U2f has been slow as fuck on the uptake, but nearly everything worth having two factor on supports software otp, which is almost as good.
Security idiot here, I use keepass to store all my passwords. What would a yubikey do for me?
>Password db stolen due to malware
>Password entry gets keylogged
>0 day TLS flaw causes your password to be intercepted in flight to a server.
Two factor of any kind can help protect you from these things. When you log in, you enter your normal password, then you're prompted for your second factor code. A yubikey, or even something as simple as Google authenticator generates the code that you enter. This code can only be used once, and expires pretty quickly. An attacker cannot log in as you even if they have your password. Hardware 2fa is simply more secure than just using your phone, but if you're not using any 2fa right now then I'd recommend starting out with software based 2fa.
What happens if you lose / break it?
I use 2fa for stuff like my google account, facebook, etc with Authy. Would hardware 2fa completely replace it where I just have to plug it into my laptop and it'll have the code or NFC through my phone?
Keep a few backup codes offline in a safe place.
Yeah hardware based is better. I use a yubikey with their authenticator app. Codes are generated on the hardware token and the token can be password protected. I'm sure there's a desktop equivalent of the authenticator app.