Yubico Forum :: View topic - Yubikey Counter: planned death ?

The key has no planned death or any form programmatically set limited lifetime.

If it reaches max, the counter just sticks there. If this situation would ever occur (which seems highly unlikely), you can always use the configuration tool to write a new configuration, which then reset the counters.

In Yubico OTP mode, the counters cannot be preset. In OATH-HOTP mode however, the counter (moving factor) can be preset to a known value at configuration.

Best regards,

JakobE
Hardware- and firmware guy @ Yubico

Author:	legeox [ Sun Jul 10, 2011 5:02 pm ]
Post subject:	Yubikey Counter: planned death ?
Hi, Reading the "YubiKey Security Evaluation" PDF available at http://static.yubico.com/var/uploads/pd ... -09-09.pdf I read this (on page 8): Quote: The 2 byte sessionCtr is stored in non-volatile memory (i.e., it is preserved when the user unplugs the USB device). It is initially set to 1. It is incremented every time the device is used after power-up. (The counter does not wrap; when it has reached 0xFFFF the counter sticks there. This corresponds to about 25 tokens every day for 7 years or 5 tokens every day for 35 years.) Should we understand that it is a planned death of yubikey ? Is it possible to set the counter to 0 (for example using the Personnalization tool) ? Thanks in advance for any anwer

Author:	Jakob [ Sun Jul 10, 2011 10:36 pm ]
Post subject:	Re: Yubikey Counter: planned death ?
The key has no planned death or any form programmatically set limited lifetime. If it reaches max, the counter just sticks there. If this situation would ever occur (which seems highly unlikely), you can always use the configuration tool to write a new configuration, which then reset the counters. In Yubico OTP mode, the counters cannot be preset. In OATH-HOTP mode however, the counter (moving factor) can be preset to a known value at configuration. Best regards, JakobE Hardware- and firmware guy @ Yubico

Author:	legeox [ Sun Jul 10, 2011 10:56 pm ]
Post subject:	Re: Yubikey Counter: planned death ?
Thank you for this information. Definitely, a very great product

Author:	cornelinux [ Tue Dec 13, 2011 10:25 am ]
Post subject:	Re: Yubikey Counter: planned death ?
JakobE wrote: The key has no planned death or any form programmatically set limited lifetime. If it reaches max, the counter just sticks there. If this situation would ever occur (which seems highly unlikely), you can always use the configuration tool to write a new configuration, which then reset the counters. In Yubico OTP mode, the counters cannot be preset. In OATH-HOTP mode however, the counter (moving factor) can be preset to a known value at configuration. Best regards, JakobE Hardware- and firmware guy @ Yubico Hi Jakob, so this is also the counter that is used for HOTP? So theroretically the counter would not be increased after 35 years? (OK, this is much longer than many other tokens of other token vendors having a battery). But theoretically the yubikey would always produce the same otp value after 2 byte keypresses? Is there a way to realize this. As the password will be entered in a password field, that only displays stars. So the user will never realize, that he will always enter the same password, when he is on pension. Kind regards Cornelius

Author:	ChemSteve [ Fri Oct 26, 2012 4:32 pm ]
Post subject:	Re: Yubikey Counter: planned death ?
I have basically the same question as legeox. Does yubico have a website or something where we can go and generate an OTP from our yubikey, and then know how many OTP logins we have left before the counter is used up? That would be useful down the road after I've been using my yubikey for several years. Thanks, ChemSteve

Yubico Forum https://forum.yubico.com/

Yubikey Counter: planned death ? https://forum.yubico.com/viewtopic.php?f=16&t=691	Page 1 of 1

Page 1 of 1	All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/