Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 12:29 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 18 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: Dual usage Yubikey
PostPosted: Mon Mar 30, 2009 1:32 am 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
I've spent some time making some prototypes. As usual, things get a bit different when you try it IRL...

Changing the sensitivity of the sensor allows some fairly precise double-tapping and it works pretty nice. But as you guys pointed out, inserting the Yubikey into a really worn USB port of a laptop makes double-tapping somewhat flimsy. I've not made up my personal mind if this is a show-stopper.

Implementing the short vs. long press exposed another issue that I really forgot in the first place - for the short press you need to remove the finger to release the OTP. I believe this can be a bit confusing as the intuitive way is to press the button until the OTP output begins to show up. If you are aware about the behavior it works nice.

I believe the default option shall be quick and highly inituitive (i.e. push until you get the OTP) wheras getting access to the second function could require a few seconds of training. The second option above could maybe be pretty okay after all if the thershold is set reasonably long. If you don't get the OTP within two seconds when you push, you're pretty likely to give up. Then you'll get it and hopefully you learn.

Just a few open thoughts. I'll try a slight variation of the above and return if it seems to make sense.

Regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

 Post subject: Re: Dual usage Yubikey
PostPosted: Mon Apr 06, 2009 1:18 am 
Offline

Joined: Fri Mar 20, 2009 10:50 pm
Posts: 2
I would love to have two designs in production (a one button for non tech users, and a two button for the geeks).
I do however like the idea of timing for the differentiation as it could be implemented on current hardware. I agree that the default OTP mode should be to hold until the light goes off and output starts as this would not require any re-training if you only want to continue with the current feature set. you would only have to worry if you wanted to take advantage of the second OTP feature... which could fit in one of two cases a "tap" or an "extended hold" ~5 seconds where the light could blink twice and output... I haven't decided which i would like better.

one must also realize that you will never be able to get to a point where everyone is happy with the design.

I also like the idea of multicolored bumpers or frames that could be epoxied on as i have been searching for a way to differentiate several keys for different uses.


Top
 Profile  
Reply with quote  
 Post subject: Re: Dual usage Yubikey
PostPosted: Wed Apr 15, 2009 3:18 am 
Offline
User avatar

Joined: Tue Jan 13, 2009 6:33 am
Posts: 20
Quote:
I've spent some time making some prototypes.

Once I animated the original two button design I could visualize in my mind, how pressing one, or the other, or both, can allow a two button operate as a 3 button design. But by that time you'd emailed the desire to use the same form factor which I understood as the same outer dimensions and basic layout (1 usb connector, 1 button, 1 keyring hole).

With the double-tapping... go to some local workplaces (offices, retail, workshops) and see how people use their mouse.
Personally I've found interesting to observe how some people use the mouse.
Sounds a bit like you've come to the same realization on all the timings, where if they all can't be customized then don't bother designing anything beyond the current design (1 button 1 OTP) yubikey.
Yes I agree, the intuitive way really is to press the button until the OTP output pops-out.

Quote:
I believe the default option shall be quick and highly intuitive (i.e. push until you get the OTP) whereas getting access to the second function...

There's that timing issue again. Originally that long key press was to ensure fewer mistakes from a casual or accidental keypress.
Hmm, wouldn't a triple tap take about the same time or less then the current press and hold?
Also the triple tap could keep it just as simple while ensuring fewer mistakes.
True some people would be annoyed, but perhaps the personalization software could toggle between triple and double tapping?

PS. binaryhackerman has brought up a point that I made awhile ago. Will Yubico be keeping the current economic/business grade Yubikey, and also offering a more advanced ($$$) feature enriched Yubikey?
I have to ask because quite frankly I see the current Yubikey as a solid and economic solution to small business inventory/POS/DB management control.

Also the "multicolored bumpers" could be made like any automotive trim panel retainer and snap into place, to avoiding epoxies and their shelf life. A similar bumper should be fairly easy to design for the current Yubikey, but it'll really be a bumper on the back that ends up making the keyring hole smaller.


Top
 Profile  
Reply with quote  
 Post subject: Re: Dual usage Yubikey
PostPosted: Mon Oct 13, 2014 11:36 pm 
Offline

Joined: Thu Oct 09, 2014 6:04 pm
Posts: 2
Hi

Thank you for the reply.

I hope you actually see this message after all the junk that was posted in this thread.

I haven't tried the Windows tool, but I guess that is what the screenshot is of.

Is it possible to do it using the MAC personalisation key?

Also, an unrelated question, is there a way to join and or use this forum without the OTP feature enabled on my Yubikey? I would like to set static passwords on both slots and it looks like that will log me out of the forum.

HC


Attachments:
Screen Shot 2014-10-13 at 23.35.26.png
Screen Shot 2014-10-13 at 23.35.26.png [ 186.65 KiB | Viewed 3282 times ]
Top
 Profile  
Reply with quote  
 Post subject: Re: Dual usage Yubikey
PostPosted: Tue Oct 14, 2014 8:15 am 
Offline
Site Admin
Site Admin

Joined: Wed Nov 14, 2012 2:59 pm
Posts: 666
You can disable Yubikey at logon, at your own risk, in the user control panel

The feature of the Yubikey and software are the same on any operating system windows mac linux.

_________________
-Tom


Top
 Profile  
Reply with quote  
 Post subject: Re: Dual usage Yubikey
PostPosted: Fri Oct 17, 2014 11:42 am 
Offline
User avatar

Joined: Fri Aug 08, 2014 7:11 pm
Posts: 24
Has there been any serious considerations in Yubico related to a two-button alternative?

It is very awkward to have potential clients becoming very interested in Yubikeys only to realize that if they want to "go down this road" and hence make a strategic decision that the Yubikey(s) should be their preferred 2FA/U2F device, then they must buy several yubikeys as one would not provide enough options. Very often, it is the need to have a) OTP from Yubico server, b) Static password, c) VIP (for example to secure your Paypal account), and now recently: d) NEO.

Certainly a two-button design that would include a total of 4 variants would solve this.

One can make up small tricks like something that can be felt, for example having the first button round, and the second frame around the button area square, so that when not looking at it, one can feel the difference.

Think about all the old people who have even greater problems with passwords. They are in need of tactile asociations to help them remember where is which function. A normal confusion would be "did I put the VIP on the first press of the first button, or the first press of the second button?". A tactile association like the square that can be physically felt, would help add one more association to it, and then easier to remember, and less confusion.

(Re: Passwords/logins to the forums here:
I think it is high time for the yubico forums to be accessible on HTTPS, so that passwords are secured regardless of using OTP or not. Strange that a company like this dares to give such an impression while being a security focused company.)

_________________
Regards,
Nomadus


Top
 Profile  
Reply with quote  
 Post subject: Re: Dual usage Yubikey
PostPosted: Tue Oct 21, 2014 5:20 pm 
Offline

Joined: Wed May 09, 2012 9:35 pm
Posts: 45
I agree! This would make the Yubikey much more user friendly and cost effective. As we speak, 50$ for the NEO is super expensive for the "normal" user. Much less attractive is you need 2 AND a VIP. I know many that don't go the Yubi way because of the price.

Also, I think there should be a fifth (and sixth if 2 buttons) slot not linked to a button that would be home to a HMAC config.
When a challenge would require a button press, then button 1 for slot 5 and button 2 for slot 6.
This way, HMAC is not wasting useful button-triggered slots.


Top
 Profile  
Reply with quote  
 Post subject: Re: Dual usage Yubikey
PostPosted: Wed Oct 22, 2014 12:05 pm 
Offline
User avatar

Joined: Fri Aug 08, 2014 7:11 pm
Posts: 24
JH2007 wrote:
Would a two button Yubikey overcome the plugged in the back of a laptop dilemma?
No. Because if the average computer user can't see it then they are just fumbling around a large piece of equipment.


I would think that it is just a very small percentage of the users, that would be unable to have a Yubikey near their hand(s), and be unable to feel the difference between the location of button one and button two?
For example, for each one that knows the UBS is inconveniently placed, they could just get a USB extension chord and put the Yubikey in it, which most likely would let them place it in a convenient spot.

I fail to see how that concern could be used as an argument to dismiss the idea of two buttons alltogether.

If, in addition to having two buttons, one can be shaped round, and the other square, then that would give even further practical associations to which button has been used for which function.

The "shape" I am talking about is just the plastic "edge" around the metal button: It does not need to only be round. From a production/design point of view, it is dead simple to select an alternative, practical shape without affecting the quality or durability of the Yubikey at all.

_________________
Regards,
Nomadus


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 18 posts ]  Go to page Previous  1, 2

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group