Yubico Forum

Question about overwriting Slot 1
Page 1 of 1

Author:  IDPPKC [ Fri Jun 23, 2017 2:20 pm ]
Post subject:  Question about overwriting Slot 1


I'd just like clarification on something that I'm not too sure about please. I have a Yubikey Standard (Firmware 2.2.3). I don't currently use the Yubikey for any OTP based authentication. I am currently using it for inputting a Static Password (in Slot 2).

I would ideally like to use Slot 1 for the Static Password, as it is much easier to use (just a quick tap, rather than trying to count several seconds so Slot 2 is triggered). However, when reading up how to do this in the User Guide for the Yubikey Personalization Tool, it states "IMPORTANT: Re-programming your YubiKey’s first configuration slot will overwrite the YubiCloud configuration, and you cannot undo this action. Use care when you re-configure your YubiKey."

My question is, if I overwrite Slot 1 to use as a Static Password, but then later on, say wish to use something like LastPass or any other service that requires Yubico OTP, would this stop me from doing that? Would I then need to purchase a new Yubikey? Could I not just reprogramme it in the future (if needed) to use Yubico OTP for Slot 1, then just setup an account with say, LastPass, and use it without any issues?

Thanks for your help.

Author:  ChrisHalos [ Fri Jun 23, 2017 4:53 pm ]
Post subject:  Re: Question about overwriting Slot 1

You could either:

(1) delete the Yubico OTP credential and then program a new one at a later date, if needed - https://www.yubico.com/wp-content/uploa ... ide_en.pdf

- or -

(2) If you don't need to open up a slot by deleting the existing Yubico OTP credential, you can simply swap slot 1 and slot 2 so that slot 1 = static password and slot 2 = Yubico OTP. Open the YubiKey Personalization Tool and go to Settings > Update Settings > select a configuration slot > Swap

Author:  IDPPKC [ Sat Jun 24, 2017 11:59 am ]
Post subject:  Re: Question about overwriting Slot 1

Thanks very much for that. Swapping the Slots sounded a great idea, but I can't seem to be able to see the option to do that. The "Update Settings" button within the Settings tab in the Personalization Tool, is greyed out for me and states "Update is available for Yubikey 2.3 and later" above it. Does that mean my Yubikey, which is 2.2.3, can't swap the slots?

If I can't swap the slots, I shall do the first method that you suggested. I take it that the warning about not ever being able to undo this action, basically means that you can't get your exact original OTP details back on, but you can programme a new one which could be used in the future with a new provider. Am I correct with that? Sorry about not knowing this fully, I just wanted to ask because when something says you can't undo it, you need to be sure what the consequences are!

Thanks again, I appreciate it.

Author:  ChrisHalos [ Sat Jun 24, 2017 5:56 pm ]
Post subject:  Re: Question about overwriting Slot 1

Apologies, you are correct, this functionality wasn't added until firmware 2.3. Yes, correct as well, the warning is just to tell you that you can't recover the default credential (Yubico OTP credentials beginning with "cc" can only be programmed by Yubico programming stations - user programmed credentials need to begin with "vv").

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group