Yubico Forum

Hello !

I have a usefull suggestion which I care a lot: Allowing longer static password.

I've seen that static passwords can be up to 64 characters, and unfortunately, without OTP it's downsized to 38... I wanted to use a slot of my Yubikey to input "Private keys" (RSA key for instance), and for testing purpose (of the concept) I'm writing an app with takes a private key as input (Base64) and output the public key. The thing is that the minimum strength of a private key is 32bits, which outputs 65 characters (based64).

If I suppress the padding char (=) I can have 64, and even 63 chars, which fits in the 64 chars limit of the yubikey BUT... It's limited to 38 characters...
The suggestion is to allow static password or static "text" up to 2000 characters (~1600 chars for RSA 2048bits) or even up to 3000 characters (~3100 chars for RSA 4096bits), which will also make the yubikey a PKI hardware token too

Yes! This would indeed be good.

The NSA probably prevents Yubico of doing so though.

Unfortunately NSA has nothing to do with it, just the math

public identifier 32 char modhex is 16 bytes (scancode symbols)
the AES secret 16 bytes
private identity 6 bytes

Its a space limitation within the Yubikey, but we will note your suggestion.

_________________
-Tom

Of course, by "Allowing" I was talking about maybe manufacturing a new product (a hardware token by Yubikey would be a nicer product than current available hardware tokens).