Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
General Apps
Passwords and passkeys
Password-less: Your Thoughts
Message
<blockquote data-quote="kC77" data-source="post: 1025089" data-attributes="member: 92796"><p>I'm a big fan of the yubikey bio... Use it for every service I can, so much more secure.. quicker and easier than totp... Fido/webauthn no need to register it and unlike the normal non bio yubikeys you at least have the requirement of biometrics instead of just "any human can touch it"</p><p></p><p>I would worry about owning a non biometric yubikey about "if I was in an accident or incapacitated.. Or death..." With a standard key the only protection is the pin you have set.</p><p></p><p>With a non biometric key I'd really worry about storage and placement of my backup key..</p><p></p><p>With existing totp it was such a bind to open an authenticator app... Copy a code ... Sometimes waiting for it to timeout.. Then pasting it, that quite often I just click "trust this device/remember me" </p><p>While 2fa is good... Its the fact or saving that device that leads to a potential weakness. </p><p></p><p>With the yubikey bio and the supported services I have no need to "trust or remember" any device ... Just an extra prompt to tap my key and read biometrics for 2fa... Takes 2 seconds.</p><p></p><p></p><p>Sites still requiring totp seem old school... And often out of laziness if its generic site/forum or something non critical I'll Just "trust this device"</p><p>Even so this is only on devices I own and trust.</p><p></p><p>Yubikey bio..Amazing device... Highly reccomend.</p></blockquote><p></p>
[QUOTE="kC77, post: 1025089, member: 92796"] I'm a big fan of the yubikey bio... Use it for every service I can, so much more secure.. quicker and easier than totp... Fido/webauthn no need to register it and unlike the normal non bio yubikeys you at least have the requirement of biometrics instead of just "any human can touch it" I would worry about owning a non biometric yubikey about "if I was in an accident or incapacitated.. Or death..." With a standard key the only protection is the pin you have set. With a non biometric key I'd really worry about storage and placement of my backup key.. With existing totp it was such a bind to open an authenticator app... Copy a code ... Sometimes waiting for it to timeout.. Then pasting it, that quite often I just click "trust this device/remember me" While 2fa is good... Its the fact or saving that device that leads to a potential weakness. With the yubikey bio and the supported services I have no need to "trust or remember" any device ... Just an extra prompt to tap my key and read biometrics for 2fa... Takes 2 seconds. Sites still requiring totp seem old school... And often out of laziness if its generic site/forum or something non critical I'll Just "trust this device" Even so this is only on devices I own and trust. Yubikey bio..Amazing device... Highly reccomend. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
