Jump to content

maxdamo

Members
  • Content Count

    1
  • Joined

  • Last visited

Community Reputation

0 Neutral

About maxdamo

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. maxdamo

    Support for U2F

    @Vinod Kumar IMO it should be "user provided" or "static from Yubikey" (and not the combination of both). first reason, is that the "user provided" password is a backdoor, if the yubikey is lost or broken. Secondly, we are a bit tired of typing 3rd, it's a super-long password which cannot be broken/guessed in any way, and the few characters that you'll add won't add any security (yes, if somebody steals the key, can use it to login, but they need to steal the laptop together with they key.... let's go back to real life scenarios ) There is a fork of KeepassX for Linux which supports Yubikey static password.... unfortunately they are not providing a backdoor password, and it's a bit scary to use it. There is experimental code: you need to query the yubikey (with proper api, libraries, tools, whatever, ) to grab the static password.
×