Yubico Forum ...visit our web-store at 2014-03-19T11:05:12+01:00 https://forum.yubico.com/feed.php?f=12&t=1244 2014-03-19T11:05:12+01:00 2014-03-19T11:05:12+01:00 https://forum.yubico.com/viewtopic.php?t=1244&p=5068#p5068 <![CDATA[Re: [SUGGESTION] Allowing longer static passwords]]> Tom wrote:

Its a space limitation within the Yubikey, but we will note your suggestion.


Of course, by "Allowing" I was talking about maybe manufacturing a new product (a hardware token by Yubikey would be a nicer product than current available hardware tokens).

Statistics: Posted by max13 — Wed Mar 19, 2014 11:05 am

]]> 2014-03-19T10:43:48+01:00 2014-03-19T10:43:48+01:00 https://forum.yubico.com/viewtopic.php?t=1244&p=5065#p5065 <![CDATA[Re: [SUGGESTION] Allowing longer static passwords]]>
public identifier 32 char modhex is 16 bytes (scancode symbols)
the AES secret 16 bytes
private identity 6 bytes

Its a space limitation within the Yubikey, but we will note your suggestion.

Statistics: Posted by Tom — Wed Mar 19, 2014 10:43 am

]]> 2014-03-18T21:13:07+01:00 2014-03-18T21:13:07+01:00 https://forum.yubico.com/viewtopic.php?t=1244&p=5060#p5060 <![CDATA[Re: [SUGGESTION] Allowing longer static passwords]]>
The NSA probably prevents Yubico of doing so though.

Statistics: Posted by Morphlin — Tue Mar 18, 2014 9:13 pm

]]> 2013-12-02T12:59:40+01:00 2013-12-02T12:59:40+01:00 https://forum.yubico.com/viewtopic.php?t=1244&p=4675#p4675 <![CDATA[[SUGGESTION] Allowing longer static passwords]]>
I have a usefull suggestion which I care a lot: Allowing longer static password.

I've seen that static passwords can be up to 64 characters, and unfortunately, without OTP it's downsized to 38... I wanted to use a slot of my Yubikey to input "Private keys" (RSA key for instance), and for testing purpose (of the concept) I'm writing an app with takes a private key as input (Base64) and output the public key. The thing is that the minimum strength of a private key is 32bits, which outputs 65 characters (based64).

If I suppress the padding char (=) I can have 64, and even 63 chars, which fits in the 64 chars limit of the yubikey BUT... It's limited to 38 characters...
The suggestion is to allow static password or static "text" up to 2000 characters (~1600 chars for RSA 2048bits) or even up to 3000 characters (~3100 chars for RSA 4096bits), which will also make the yubikey a PKI hardware token too ;)

Statistics: Posted by max13 — Mon Dec 02, 2013 12:59 pm

]]>