For people informed about #infosec #2FA #opsec and adjacent topics, what two factor authentication solutions do y'all like using? I've looked at #YubiKey as a solution, and it seems pretty good, but I also see lots of people liking #OnlyKey and there's also #SoloKey and #NitroKey. None of them seem BAD, they just seem to have different trade-offs.
Boosts appreciated.
I ordered a security token from onlykey.io. I have problems tracking the package and getting in contact with the support.
Did other people have these kinds of problems with them?
#plsboost
Just set up my replacement #OnlyKey. Easy peasy.
Started the app, plugged it in, configured PIN1, configured PIN2, set up the self-destruct PIN, restored the backup (from the main key), tested, works.
Wow, that was easy.
Part4: #onlykey
When I put the key in my USB-A slot, I had to get used to the fact that the onlykey felt wobbly. When I pushed a button the onlykey gave in and moved downwards. At first I was never sure if I hit the button or not. But then I noticed the reaction with lights from the key, which is good feedback. After having done it roughly 100 times today, maybe even more, I got used to it, although the wobbliness feels like low quality.
Having said all this, try it out. I will get my spare one
Part3: #onlykey
On top of the 2 parts before, it offers support for Google Authenticator (TOTP), Yubikey-compatible OTP, and Universal 2nd Factor (U2F). For the latter you can touch any key on the onlykey. Unfortunately, there are also some drawbacks. I can't get it with USB-C. The software feels like early 2000s. It also has some minor flaws, to my understanding. You cannot see how a slot is configured. If you want to change something, you don't know whether it was used before or not.
Part2: First of all, I like that the #onlykey is pin protected. If I lose it, someone would have to brute force the pins. Not strong I would say, but better than nothing.
Secondly, I can enter a URL, a username and a password, and then pressing one button opens the address and logs me in. I tried it on several of my accounts, with tab and with return, and it worked smoothly. Even in a virtual machine. On top of this it offers a self-destruct feature, which I like. The config can be backed up encr
Part1: I spent some time today playing with the #onlykey. My first try a year ago I stopped, I didn't get the idea. After having been successful with #yubikey s the last day, I thought I'd give it a try. And I am happy. I wondered what issues I had last year. Today, I got everything working smoothly and could immediately see how to integrate it into my daily life. The 24 slots (of which only 12 can be used easily at one time) offer so much more than a regular yubikey.
Question regarding #onlykey. I wanted to configure a slot with their app on macOS, but all entries except the label vanish when I click on "Set Slot". In the basic tab as well as in the advanced tab. Any ideas? I downloaded the newest app version
Hey, that #Yubico x #Cloudflare offer let me have two #Yubikey 5 NFC for just €35 incl. shipping! Pretty neat, even if I don't like Cloudflare that much :P
Finally, I can give friends keys and not pay thru the nose for it!
(I have an #Onlykey and a Yubi 4 Nano, and Onlykey kinda sucks sometimes).
@jonasvautherin I use an #OnlyKey. Nice h/w buttons to input PINs or output static/TOTP/whatever you want. Functions as a keeb so you don't need software. Still need to go to a website or use its app to let it set initial time for TOTP tho... but that way it works on anything that has a modern browser and that's all. Supports FIDO2.
the h/w is not completely open source and there's still no support for PGP/SSH on Windows (it's NOT an 'OpenPGP Smartcard'!). I pondered writing something for it!
@keyoxide Hey, any good options for managing #GnuPG #GPG #PGP #WKD for a small site (such as this one)? Currently using this: https://github.com/PennockTech/openpgpkey-control
Also, #keybase is nice, but y'know...
PS: It's a shame #OnlyKey does not support email encryption/signing on #Android while #YubiKey does :( just recently moved to OnlyKey and ECC keying
@alpinefolk @lightweight how is the portability across platforms on those?
Currently using an #OnlyKey (12 slots) for this on my end, and index cards for the infrequent ones.
My favourite part is never fiddling with browser plugins...it even works with mobile, provided I remember to bring my OTG adapter.
Built myself a necklace for my #onlykey. This way I can't lose it, at least I hope^^
One last post about my #onlykey for today, I promise^^
As one last thing I wanted to find a way to authenticate sudo and other stuff on my servers with my hardware key on my PC. Learned about pam-ssh-agent-auth and set that up. Works now.
Just have to deploy that to the rest of my servers.
While using my #OnlyKey for authentication on Linux was super easy, getting ssh and gpg working on/with it is a huge pain
I pulled the trigger and bought an #OnlyKey. 5-20 business days shipping, so let's hope for the best^^
I am thinking about buying an #OnlyKey security key.
What I like, vs the yubikey, is the pincode and that it is open source.
And it looks like it works with everything I need it to. SSH, PGP, authentication on Linux, disk encryption, authentication with Bitwarden and other online accounts.
For everybody that has one already, is there something you don't like about it, something that doesn't work?
I am curious, before I pull the trigger.