Hardware security key experiences

mid_gen · 25 Jun 2024 at 08:52

Like many people, I use an authenticator app and 2fa for most stuff these days. Which is grand, but I'm also very concerned about what would happen if someone got into the account that backs them all up.

Been considering getting a few Yubikeys to lock down my main MS account. Wondered if anyone is using them and has good/bad things to say....

LostCorpse · 25 Jun 2024 at 19:16

bad : you loose the key and you only have 1...
so make sure you get at least 2.
remember hardware keys dont work with every service.

mid_gen · 11 Jul 2024 at 22:00

LostCorpse said:
bad : you loose the key and you only have 1...
so make sure you get at least 2.
remember hardware keys dont work with every service.

Got a couple of the standard Yubico Security Key NFC. Setup on my MS and Google accounts and removed all the sms/phone number based 2 factor. Pretty painless.

Still use authenticator app for primary 2FA, these are just the backups, but without the possibility of someone cloning my SIM.

wigster · 14 Jul 2024 at 14:37

How long are they guaranteed to work? that would be a concern if it failed.

LostCorpse · 14 Jul 2024 at 17:16

its why you always buy more than one and test regularly.
but 2years seems to be bandied arounbd for regular daily use.

mid_gen · 2024-07-23T08:32:20+0100

LostCorpse said:
its why you always buy more than one and test regularly.
but 2years seems to be bandied arounbd for regular daily use.

I don't see why a yubikey or similar well made passkey would fail after two years. It's completely solid state, and powered through USB, the algorithm is good for 30 years.

Just having a look around and plenty people are happily using theirs since 2014/15.

Badically, chances of both keys failing before you can get a backup is remote. Chances of that happening at the same time as my primary authenticator app is lost, is basically zero..... so I'm pretty happy with the setup.

LostCorpse · 2024-07-23T09:36:46+0100

indeed. when i looked i could not find solid numbers.
i saw a quote 2 years based on very heavey usage but others quote 8+years of operations.
i'd rather give a low hard number to set expectations, i should have stated that in original post.
if you get 2 keys you'll use one more than the other. when that dies the back up key is still good and time to get a repalcement for the failed one.

Hardware side :

https://www.reddit.com/r/yubikey/comments/h8e8py/wear_of_contacts_how_durable_is_a_yubikey/

see also for the software side one aspect

OTPs Explained

developers.yubico.com

section : Usage counter

https://support.yubico.com/hc/en-us/articles/360013662780-YubiKey-LifeCycle-Management-Key-Retirement

&

Yubico Forum • View topic - Life span of a Yubikey - how to tell if it is near?

between 18-30years

The LED is expected to have a life span of approx 5 years

Yubico Forum • View topic - How long is the expected life of LED of YubiKey?

based on being plugged in 24x7

So it depends on a number of things.
i am expecting a minimum of 2years of operation. but hoping for 10-15years of usage.

This post :

https://www.reddit.com/r/yubikey/comments/gg3wr4/how_durable_is_the_yubikey_5_nfc/

and this one made me chuckle (it linked from the reddit post)

x.com