Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 7:41 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 24 posts ]  Go to page Previous  1, 2, 3
Author Message
PostPosted: Fri Feb 06, 2009 3:41 am 
Offline

Joined: Wed Feb 04, 2009 4:33 am
Posts: 9
I suppose the first thing I should really ask is where/how do I get the ID and the AES keys to begin with?

The next question is how do I get the PT to work with the script? The limtation on the number of characters is not that important since they would both yeild a very stron password anyway.. What is more worthy of consideration is to make sure that the key can not be easily changed one set or would not be easy to tamper with in its original state.


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri Feb 06, 2009 6:39 am 
Offline

Joined: Sun Jan 11, 2009 4:40 am
Posts: 41
Datsys wrote:
I suppose the first thing I should really ask is where/how do I get the ID and the AES keys to begin with?

The next question is how do I get the PT to work with the script? The limtation on the number of characters is not that important since they would both yeild a very stron password anyway.. What is more worthy of consideration is to make sure that the key can not be easily changed one set or would not be easy to tamper with in its original state.


You don't need the original ID and AES keys to set a static password and/or a programming password. If you choose to use the PT, you won't need to use the script. The converse is not, however, true since the script requires the installation of the PT to operate. BTW, if you haven't carefully read the comments in the script, you should do that. There's lots of excellent information in there about this whole process. It also discusses the bit strength of static modhex passwords.

Just run the PT. In the ID field enter the first 24 characters of your GRC hex password. In the AES Key field enter the next 32 characters of that GRC hex password. Check the Create Static Password (No OTP) box.

Leave the Automatic Navigation stuff blank.

In the Programming Protection area, check the box indicating that you want to create or change the password. Two new fields will open for entry of the new password. Leave the field blank for the existing programming password and type the desired new password into the two places shown. Obviously, don't lose the password or you won't be able to reprogram the YK. Click on Update Settings. That should do it. At least it did for me.

Dick


Top
 Profile  
Reply with quote  
PostPosted: Fri Feb 06, 2009 8:22 am 
Offline

Joined: Wed Feb 04, 2009 4:33 am
Posts: 9
Dick, you are a gem plus. I am going to try what you have suggested here and see how it goes.

Just a thought though for future reference. I was looking through the forum and saw a way to get the original ID and AES keys for each YK, since I plan to do more of this convertinion to Static PW do you think it would be a good idea to use these before I reprogramme keys? Or is it that when the keys are reprogrmmed all of that stuff is lost?


Top
 Profile  
Reply with quote  
PostPosted: Fri Feb 06, 2009 5:30 pm 
Offline

Joined: Sun Jan 11, 2009 4:40 am
Posts: 41
Those are the two parameters that you are reprogramming when you use the GRC password as you desired to do. The only use that I can think of for the original values would be to return the YK to its status prior to your reprogramming.

Dick


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 24 posts ]  Go to page Previous  1, 2, 3

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group