Yubico Forum https://forum.yubico.com/ |
|
how to tell difference between short and long button presses https://forum.yubico.com/viewtopic.php?f=16&t=342 |
Page 1 of 1 |
Author: | eduqate [ Sat Jun 27, 2009 6:07 pm ] |
Post subject: | how to tell difference between short and long button presses |
Just curious, if it is press and release in less than 1.5 secs for one kind of code and hold for 2.5-5 secs for the other how can one tell if you have held down long enough to generate a second configuration OTP? What happens if you hold down for longer than 5 seconds? |
Author: | network-marvels [ Mon Jun 29, 2009 2:06 pm ] |
Post subject: | Re: how to tell difference between short and long button presses |
The new YubiKey 2.0 provides an interesting feature. For the static password configuration, if the "Allow user to manually update using the button" option is selected from the new personalization utility, users can reprogram their YubiKeys on the fly if the YubiKey button is pressed for 6-8 secs. If this option is not selected, the YubiKey will just rapidly flash for a while and nothing will be emitted from the YubiKey. For more information about all the new features added in the YubiKey 2.0, please visit the following link: http://www.yubico.com/developers/personalization/ |
Author: | Bora [ Wed Jul 08, 2009 11:35 pm ] |
Post subject: | Re: how to tell difference between short and long button presses |
How do you update with pressing 6 seconds? |
Author: | Jakob [ Thu Jul 09, 2009 12:40 am ] |
Post subject: | How to use the manual update feature |
First of all, the key needs to be configured for static mode (CFGFLAG_STATIC_TICKET flag set). Secondly, the new flag CFGFLAG_MAN_UPDATE needs to be set. The keys that we send out does not have this feature enabled as they are all configured in OTP mode to work with the Yubico validation server. You can easily try out this new function by downloading the new personalization tool and try with configuration #2, thereby keeping configuration #1 to still work with the Yubico validations service. Again - this feature only works on Yubikey 2 ! 1. Fire up the configuration tool 2. Select "Create a static Yubikey configuration" 3. Basic mode is okay to start with for testing. Check the box "Allow user to manually update" 4. Just go for next until you get to programming. 5. Select "Write to configuration 2" 6. Insert the key and press Run 7. When acknowledged, the key is ready to use. A short press (0.3-1.5 seconds) yields the default (configuration 1) output. A long press (2.5 - 5 seconds) yields the newly created static output (configuration 2). Try the second a couple of times and you'll (hopefully) see that the output is all the same. Now, press and hold the key for 8-15 seconds and release it. The LED shall now begin to flash slowly. Give it a short press and the update is committed and the new OTP is yielded. A typical usage scenario could be: 1. Give user a Yubikey configured with the flags CFGFLAG_STATIC_TICKET and CFGFLAG_MAN_UPDATE set. 2. The password policy is cranked up with a minimum length 3. When the user is asked to change password next time, the normal username is entered 4. In the password field, the old password is entered 5. The user is asked to enter a new password. The new password poliicy now apply 6. The user types in the password and holds the Yubikey button for 10 seconds and releases. The newly created password is outputted 7. Enter the password again. Press 3 seconds and release. The new password is confirmed. The reason why this function is created is to support legacy login without any need for any back-end functionality. It is ny no means perfect, but seems to fulfill quite a few user's need for enhanced security at a very low implementation cost. With the best regards, JakobE Hardware- and firmware guy @ Yubico |
Author: | Bora [ Thu Jul 09, 2009 12:55 am ] |
Post subject: | Re: how to tell difference between short and long button presses |
So from this what I understand is; When I press the key for 8 seconds it will change the static password and write itself with the new password. How about if i want to setup a manual password lets say hellothisismyrandomunhackablepassword ? Can we do that? |
Author: | network-marvels [ Thu Jul 09, 2009 8:04 am ] |
Post subject: | Re: how to tell difference between short and long button presses |
The new personalization utility provides an feature of programming the YubiKey 2.0 with keyboard scan code input for static password configuration. The scan code mode provides a mechanism to generate a string based on any arbitrary keyboard scan code. Select the "Scan ccode mode" under the the "Create a static Yubikey configuration" and place the cursor in the "Scan code input" field and type the desired string. The keystrokes are converted to scan codes and YubiKey is programmed accordingly. When YubiKey button is pressed, the YubiKey will generated the string entered in the "Scan code input" field. This way we can program the YubiKey to emit the desired password. Please note that this feature is available only for YubiKey 2 only, maximum 16 characters are allowed and this mode may create incompatibilities if different national keyboard layouts are used as the mapping varies between countries. |
Author: | paulcooper [ Fri Aug 07, 2009 7:35 pm ] |
Post subject: | Re: how to tell difference between short and long button presses |
Can the static short password (16 characters) be reprogrammed using the 10 second button press? I cannot get this to work on my key even though I have clearly switched on the "manually update using the button" setting. I press the button for 3 seconds and get a 16 character static password. I then hold it for 10 seconds, release it and the ring flashes rapidly for 2-3 seconds. A brief press during the rapid flash does not change the static password. If it makes any difference I have upper/lower case set as well as characters/numbers. |
Author: | Jakob [ Sat Aug 08, 2009 12:08 pm ] |
Post subject: | Config tool bug ! |
Thanks for bringing up this matter. It is a bug in the configuration tool that only shows up in truncated (short = 16 character) mode. We'll post an updated version of the config tool soon. Regards, JakobE Hardware- and firmware guy @ Yubico |
Author: | paulcooper [ Sun Aug 09, 2009 7:32 pm ] |
Post subject: | Re: Config tool bug ! |
Thanks Jakob JakobE wrote: Thanks for bringing up this matter. It is a bug in the configuration tool that only shows up in truncated (short = 16 character) mode. I presume that when the config tool has been updated, I will be able to program my key to allow the password to be regenerated with a 10 second press. Are you able to say when the config tool will be updated please? |
Page 1 of 1 | All times are UTC + 1 hour |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |