Choose style:

Author Topic: Yubikey or not to key  (Read 226 times)

0 Members and 1 Guest are viewing this topic.

Online zebedeeboss

  • Global Moderator
  • Hero
  • *****
  • Posts: 2781
  • Karma: 519
  • Life first... Peppermint a close 2nd :)
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin x64
Yubikey or not to key
« on: February 26, 2019, 05:09:16 am »
Hi All

https://www.yubico.com/product/yubikey-5-nfc/

I hear people talking about using a yubikey for added security.  How viable are these for use in the UK?

Does anyone have any experience of using one - anywhere and how do you rate it.

Regards Zeb...
Be Kind Whenever Possible...   It is Always Possible - Dalai Lama

Linux User #565092
P9Respin x64 Desktop - i7-6700K @ 4.00GHz - 32Gb RAM - NVIDIA GTX1070ti 8Gb - 2 x 27" 4k 3840x2160 - 1 x 34" 5120x2160
x64 Laptop - i7-7700HQ @ 2.80GHz - 8Gb RAM - Nvidia GTX1050 4Gb - 15.6" HD 1920x1080

Online perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3613
  • Karma: 286
  • Soy un huevo que adora Peppermint.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin (64-bit)
Re: Yubikey or not to key
« Reply #1 on: February 26, 2019, 07:25:57 am »
Does it work with Linux, Zeb?

I read this from Yubico:

Quote
This YubiKey is an all-in-one configurable security key that works seamlessly with hundreds of services, including password managers Dashlane and LastPass, and services like Facebook, Google, Dropbox, and more. It can also be used to securely log in to Windows and Mac computers.

Source: https://www.yubico.com/quiz/

« Last Edit: February 26, 2019, 07:27:38 am by perknh »
We're all Peppermint users and that's what matters  ;). -- AndyInMokum

Online zebedeeboss

  • Global Moderator
  • Hero
  • *****
  • Posts: 2781
  • Karma: 519
  • Life first... Peppermint a close 2nd :)
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin x64
Re: Yubikey or not to key
« Reply #2 on: February 26, 2019, 07:27:48 am »
Be Kind Whenever Possible...   It is Always Possible - Dalai Lama

Linux User #565092
P9Respin x64 Desktop - i7-6700K @ 4.00GHz - 32Gb RAM - NVIDIA GTX1070ti 8Gb - 2 x 27" 4k 3840x2160 - 1 x 34" 5120x2160
x64 Laptop - i7-7700HQ @ 2.80GHz - 8Gb RAM - Nvidia GTX1050 4Gb - 15.6" HD 1920x1080

Online perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3613
  • Karma: 286
  • Soy un huevo que adora Peppermint.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin (64-bit)
Re: Yubikey or not to key
« Reply #3 on: February 26, 2019, 07:50:12 am »
That's interesting.  I know two friends who have been hacked, and if you begin using 2FA you'll greatly reduce the chance of that happening to you.  But, just like a cell phone (I take it you don't want to go that route for 2FA), you have to remember to keep the key with you.  But if it's in with a set of keys, chances are you'll always have it nearby.  It doesn't sound bad, Zeb.  I wonder how tough it is -- how it will be after it gets banged around over time in you pocket.  I don't know, Zeb, but this should be an interesting experiment -- and it's an alternative to using a mobile phone!  ;)
« Last Edit: February 26, 2019, 07:53:10 am by perknh »
We're all Peppermint users and that's what matters  ;). -- AndyInMokum

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 23555
  • Karma: 2616
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Yubikey or not to key
« Reply #4 on: February 26, 2019, 08:13:06 am »
IIRC the "Passwordless" one requires Windows .. but the others work in Linux.

But I should add that's just "what I've heard/read" .. I've no experience with any of them, so don't take that as gospel.
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Online perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3613
  • Karma: 286
  • Soy un huevo que adora Peppermint.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin (64-bit)
Re: Yubikey or not to key
« Reply #5 on: February 26, 2019, 09:18:41 am »
Wow!  And I thought Zeb just didn't want to mess around with a smartphone.  Clearly you guys are living on a higher plane than me...Passwordlessness? :o

If you fellows can pull that off, I say more power to you!! ;)

P.S.

I have no idea what I've just linked below, but I got a feeling you guys might like it.  I'm out of here.  I've got to go mull this thread over -- over a coffee!

https://auth0.com/pricing
We're all Peppermint users and that's what matters  ;). -- AndyInMokum

Online zebedeeboss

  • Global Moderator
  • Hero
  • *****
  • Posts: 2781
  • Karma: 519
  • Life first... Peppermint a close 2nd :)
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin x64
Re: Yubikey or not to key
« Reply #6 on: February 26, 2019, 09:39:20 am »
Wow!  And I thought Zeb just didn't want to mess around with a smartphone. 

I mess around wayyyyyyyyyyy to much with phones - purchases in the last 18 months

One Plus5
https://www.oneplus.com/uk/5/specs

Huawei Mate 9
https://consumer.huawei.com/uk/support/phones/mate9/

Samsung Galaxy S9+
https://www.samsung.com/uk/smartphones/galaxy-s9/

Huawei Mate 20 Pro
https://consumer.huawei.com/uk/phones/mate20-pro/

Yes I have mobile Hoppertitus  :o

Regards Zeb...
Be Kind Whenever Possible...   It is Always Possible - Dalai Lama

Linux User #565092
P9Respin x64 Desktop - i7-6700K @ 4.00GHz - 32Gb RAM - NVIDIA GTX1070ti 8Gb - 2 x 27" 4k 3840x2160 - 1 x 34" 5120x2160
x64 Laptop - i7-7700HQ @ 2.80GHz - 8Gb RAM - Nvidia GTX1050 4Gb - 15.6" HD 1920x1080

Online zebedeeboss

  • Global Moderator
  • Hero
  • *****
  • Posts: 2781
  • Karma: 519
  • Life first... Peppermint a close 2nd :)
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin x64
Re: Yubikey or not to key
« Reply #7 on: February 26, 2019, 09:48:40 am »
ok so I ordered the Yubico - YubiKey 5C - USB-C

I will let you know how it goes...

Regards Zeb...
Be Kind Whenever Possible...   It is Always Possible - Dalai Lama

Linux User #565092
P9Respin x64 Desktop - i7-6700K @ 4.00GHz - 32Gb RAM - NVIDIA GTX1070ti 8Gb - 2 x 27" 4k 3840x2160 - 1 x 34" 5120x2160
x64 Laptop - i7-7700HQ @ 2.80GHz - 8Gb RAM - Nvidia GTX1050 4Gb - 15.6" HD 1920x1080

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 23555
  • Karma: 2616
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Yubikey or not to key
« Reply #8 on: February 26, 2019, 02:28:59 pm »
You obviously have too much disposable income Zeb .. let me help you with that, like a good friend should :)
« Last Edit: February 26, 2019, 02:43:29 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Online VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 4680
  • Karma: 870
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Yubikey or not to key
« Reply #9 on: February 26, 2019, 03:15:49 pm »
Yes I have mobile Hoppertitus  :o

Bwahahahahahaha!   :D



Online VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 4680
  • Karma: 870
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Yubikey or not to key
« Reply #10 on: February 26, 2019, 08:23:47 pm »
I was checking Swati's tweets, today...

Here comes FIDO2  :)

Quote
FIDO2 protocol is a combination of W3C's WebAuthn API that allows developers to integrate FIDO authentication into web browsers, and FIDO's Client to Authenticator Protocol (CTAP) which allows users to login without a password.

FIDO2 certified devices work on Mac OS X, Windows, Linux, Chrome OS and supported by all major browsers including Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari (included as a preview).

Though Android already offered FIDO-based authentication for installed apps using external hardware authenticator like YubiKey or Titan Security Key, the new update now expands this functionality to online web services via mobile browsers.

SOURCE: : https://goo.gl/GTcQQD

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 23555
  • Karma: 2616
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Yubikey or not to key
« Reply #11 on: February 27, 2019, 03:01:53 am »
If I'm understanding this correctly - Just what the world needs, an authentication system that requires you pay for extra hardware and/or requires verification on a third party server (which you just know will turn into a subscription after the free testing phase).

Wanna log onto Gmail .. great, buy our dongle, or pay our secure authentication subscription.
(or a two tier internet .. security for those with money, insecurity for those that don't)

I'm such a cynic :)
« Last Edit: February 27, 2019, 03:05:29 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Online VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 4680
  • Karma: 870
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Yubikey or not to key
« Reply #12 on: February 27, 2019, 03:43:28 am »
Yup, things are getting weird, again - signaling that we're on the cusp of huge change.

Buckle up and enjoy the ride...  :)