Heute von unserem IAM Chef zwei #YubiKey Sticks bekommen. Hab gleich mal mein iPhone mit #FIDO2 abgesichert. Nur Windows 11 tut noch bucklig. #hello meint, der Key gehöre nicht zur Familie, obwohl die PIN korrekt ist. Hmmm?

@PlaneSailingGames @FOSSingularity I use a #Yubikey to authenticate to #Github, and I haven't heard anything about them taking that away. Actually if anything, my experience has made it seem like they're trying to push for greater adoption of Yubikeys and compatible devices.

@TimWardCam
Well sure, if you're not using #MFA, but for your sake, I really hope that's not the case.

I'll tell you right now that I use @bitwarden to manage my passwords, but even if you somehow guessed the email address and password I use to unlock my #Bitwarden vault, you still wouldn't be able to access my stuff, because you'd also need to steal my physical #Yubikey or my literal #fingerprint. If an attacker can gain physical access to my home and/or #biometrics, I have much bigger problems to worry about than my online accounts.

@bitals @Nifflas

A research found a way to recover the #keepass password from memory dumps, This affects all versions before 2.54, which has not been released.

The article suggests to use #yubikeys to store the password because this keeps the password out of the system memory.

I'm quite sure this is wrong. You can even see the password entered by the #Yubikey. I this case the yubikey is acting like a keyboard and typing a (long random) password for you.

#dfir

https://www.malwarebytes.com/blog/news/2023/05/keepass-vulnerability-allows-attackers-to-access-the-master-password

🛡️ How do you manage SSH authentication?
• I hear SSH keys are good but I am concerned about saving plain keys on disk as many apps have access to it. So I only use it where automated SSH is required.
• SSH certs seem to be better but that requires setting up a separate server instance to work. My workplace uses X.509 SSH certs with Yubikey auth.
• SSH password + 2 factor auth is what I am using for some of my personal servers as of now.

If you are using SSH keys, how do you manage them?
If you use other methods, would like to know your insights.

#security #ssh #server #linux #unix #2fa #mfa #yubikey #datasecurity

Did anyone else notice, that the price of #yubikey 5C NFC is skyrocketing at #amazon.de since the release of #iOS 16.3?

With #macOS #Ventura 13.2 and #iOS 16.3 you can now secure your #iCloud account with the new #SecuityKeys feature. To set it up you’ll need at least two FIDO compatible keys like #YubiKey 5Ci or 5C NFC.

👉 https://support.yubico.com/hc/en-us/articles/7449189070620
👉 https://support.apple.com/en-my/HT213154

#FIDO #fido2 #Security

@megantaylor None today, so far..

~10 Yesterday

~60 Sunday.

~80 Saturday.

~40 Friday....

(etc.)

Slowly burning through and updating a couple of decades of accounts has a lot of churn.

(Change account here, notice API call broke over there, update backup/recovery codes and schemes, check for current #otp #yubikey options, etc.)

On the plus side, finding old accounts I had forgotten about, and revisiting projects/sites I last saw in the early 00's (or even just 5 years ago) is a lot of fun!

@pylon Gilt ein #YubiKey als Tastatur? Wenn nein: Die haben eine praktische "Static Password"-Funktion…

@adingbatponder I'm not sure. Maybe a #Yubikey or an external biometric reader. Haven't tried any. I'm happy with typing the #password. I feel more secure.

Because... if I don't need to type the password, that means that either the password or the cipher key must be in memory.

For the phone I ended enabling biometrics. Because it is a hassle. And I guess I can trust a non rooted android phone.

Anyone got any good #privacy or #security tips.
I currently use #yubikey to store my #gpg keys. Encrypt my emails as they hit the server, if they aren't already.

I keep my notes in #joplin E2E encrypted offsite.

Data is currently stored in #Owncloud online

@haxd Back when I had to go to an office, Yubi/etc tokens lived on a separate "city" keychain with the door fob, bike rental fob, etc. (Hard to forget when going to the restroom, etc.)

Once I stopped that foolishness (pre-C) I printed a couple of desk organizers. My #Yubikey sits in a USB recess on the top of one, and the #Solokeys live in a USB-C organizer next to it. (Both also hold some lasers, to fend off the regular #cat attacks.)

@sdueckert #Yubikey+#2FA sind toll, aber es fehlt noch ein bisschen Feinschliff auf der Anwendungsseite.