Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 5:30 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 8 posts ] 
Author Message
PostPosted: Tue Oct 20, 2009 6:37 am 
Offline

Joined: Tue Feb 03, 2009 9:06 am
Posts: 3
Having a similar issue as this here viewtopic.php?f=2&t=397

I started to encrypt my system with the Yubikey static password + a password I know and I get invalid password I have removed the truecrypt loader after the test failed and re-tried 3 or 4 times. I programmed the Yubikey 2.0 to have a static password and use it for my password manager so I know its working. The only thing I can think of is that the yubikey is spitting out a different static password for some reason. The total password is under 64 characters so that should not be the problem... anyone have any idea what is going on?


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri Oct 23, 2009 8:31 am 
Offline
Yubico Team
Yubico Team

Joined: Wed Oct 01, 2008 8:11 am
Posts: 210
We would appreciate if you can use the "output speed throttling" feature of the YubiKey to slow down the character output from the YubiKey and try again. You need to use the YubiKey configuration utility to slow down the character output rate. The YubiKey configuration utility and the user guide can be downloaded from the following link:

http://www.yubico.com/developers/personalization/

Please note that you need to reprogram your YubiKey in order to slow down the character output rate.


Top
 Profile  
Reply with quote  
PostPosted: Fri Nov 13, 2009 8:56 pm 
Offline

Joined: Tue Feb 03, 2009 9:06 am
Posts: 3
Sorry for the delay needed to find time to decrypt/re-encrypt the drive and change the accounts that were using my static password etc..... I used the utility and added both delays for a total of 60ms and its still stating incorrect password...


Top
 Profile  
Reply with quote  
PostPosted: Fri Nov 13, 2009 9:44 pm 
Offline

Joined: Tue Feb 03, 2009 9:06 am
Posts: 3
After resetting the yubikey and truecrypt a few more times I found that I cannot have "Mix upper and lower case" check... wish that was in the documentation.


Top
 Profile  
Reply with quote  
PostPosted: Thu Nov 26, 2009 7:14 pm 
Offline

Joined: Thu Nov 26, 2009 6:23 pm
Posts: 4
Reliom wrote:
After resetting the yubikey and truecrypt a few more times I found that I cannot have "Mix upper and lower case" check... wish that was in the documentation.


Glad I read this post, as I was planning on using this to encrypt an entire disk. The more I read about these "issues" the more I think that this device places restrictive parameters on its use. SIMPLY relying on the "length" of a password, rather than its "complexity" in my honest opinion is no way to implement a secure environment. When your limited to ONLY all lower (or) upper case it makes your application more susceptible brute force tools.....Just like the lack of choosing my own static passwords, I am yet once again very disappointed. :cry:


Top
 Profile  
Reply with quote  
PostPosted: Fri Nov 27, 2009 1:32 am 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
Just to try to understand what goes wrong here - does the key generate an okay password at the time of configuration, i.e. when you're in the OS ? I assume that's the case.

Any feeling that there is a timing issue - any difference if the throttling is set ?

The problem of "Mix upper and lower case" not working - can you please give a hint here ? Does it not work at all or not within the Truecrypt environment ?

Regarding password complexity, I've made a post here viewtopic.php?f=6&t=368

With the best regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 09, 2009 5:20 am 
Offline

Joined: Wed Dec 09, 2009 12:36 am
Posts: 3
Lain_ wrote:
Reliom wrote:
When your limited to ONLY all lower (or) upper case it makes your application more susceptible brute force tools.....Just like the lack of choosing my own static passwords, I am yet once again very disappointed. :cry:


What are you talking about? You can certainly have upper and lower case characters. And I've been using my own static passwords in my testing (which, incidentally, are mixed case).

See page 27 in the Personalization tool manual:
http://www.yubico.com/files/YubiKey_Con ... -12-03.pdf

Select "Scan Key Mode" and enter your custom password in the "Scan code input" field. Not a user friendly name but I kind of understand why. Remember, the Yubikey simulates a keyboard... scan codes aren't the same across countries/keyboards/platforms. That was why Yubikey came up with modhex:
viewtopic.php?f=6&t=96

Works fine (at least with the 2.1 key I have here).

-jr


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 09, 2009 5:24 am 
Offline

Joined: Wed Dec 09, 2009 12:36 am
Posts: 3
Reliom wrote:
After resetting the yubikey and truecrypt a few more times I found that I cannot have "Mix upper and lower case" check... wish that was in the documentation.

Can you elaborate what you mean by "cannot"?

If you open up a text editor (e.g. Notepad, Vi) and touch your Yubikey several times in a row (wait for the light to come back on in between touches), are the keys generated consistent (they should be if you are activating your static configuration)?

Are you aware that the Yubikey (at least it its a 2.0 or 2.1 one) has two password profiles? Perhaps you accidentally wrote the configuration to the wrong one? Or perhaps you were activating (with a shorter versus longer "touch") the incorrect profile?


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 8 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group