Hardware security key experiences

Like many people, I use an authenticator app and 2FA for most stuff these days. Which is grand, but I'm also very concerned about what would happen if someone got into the account that backs them all up.

Been considering getting a few Yubikeys to lock down my main MS account. Wondered if anyone is using them and has good/bad things to say....
 
Bad: you lose the key and you only have 1...
So make sure you get at least 2.
Remember hardware keys don't work with every service.
Got a couple of the standard Yubico Security Key NFC. Setup on my MS and Google accounts and removed all the sms/phone number based 2 factor. Pretty painless.

Still use authenticator app for primary 2FA, these are just the backups, but without the possibility of someone cloning my SIM.
 
It's why you always buy more than one and test regularly.
But 2 years seems to be bandied around for regular daily use.
I don't see why a yubikey or similar well made passkey would fail after two years. It's completely solid state, and powered through USB, the algorithm is good for 30 years.

Just having a look around and plenty people are happily using theirs since 2014/15.

Basically, chances of both keys failing before you can get a backup is remote. Chances of that happening at the same time as my primary authenticator app is lost, is basically zero..... so I'm pretty happy with the setup.
 
I don't know if you have had this issue yet but I've seen people online complaining that buying 2 keys was a waste of money as some sites have started to restrict access to a single passkey.
Not something I’ve come across. I just use them for my core accounts anyway, let other systems (Proton Pass) take care of other stuff.
 
I don’t know, I only use hardware keys for Google, Microsoft, Proton and a few others not on that list. Haven’t come across anything that doesn’t accept multiple yet.

Always have the printed codes as a last resort backup if you were restricted to only one key mind.
 
How do you get the printed codes? Is it for the hardware keys or is it a set of codes for each individual service like what Overclockers forum uses?
The codes you can get from the service, they can be your last line backup.
Is the Yubikey phone app or desktop program needed?
Nope, no app required. Anywhere that supports the keys will just give you an option, it’ll prompt you to insert your key and press a button on it (and enter a pin if you have one), then you’re logged in.

Alternatively on your phone you can use the NFC feature and just place the key on your phone. Tis a little finicky on my iPhone but always works.
 
I've linked them with Google so far and they work across multiple (3) machines. My aim is to make Google passwordless so that it logs in with just the keys, although I'm not sure on contingency plan if the keys are lost or become faulty. I presume I can still use my authenticator app as a backup?
Yes you can still use your Authenticator app. Or a printed backup code.

Always have a backup.
 