Yubico Forum
https://forum.yubico.com/

Where to Use
https://forum.yubico.com/viewtopic.php?f=33&t=1628		 Page 1 of 2
Author:  Paranoid [ Wed Nov 26, 2014 4:32 pm ]
Post subject:  Where to Use
Good day everyone,

Well I'm relatively new to the Yubikey, I purchased the standard one a about 6 mths ago, and just received the new u2f neo version. I guess the reason for my post today is I'm wondering how everyone here is using their keys. I've been researching the site, as well as the web and everyone keeps saying how they are using it all the time, but don't really explain for what. So far I'm using the u2f for Gmail and I'm using LastPass, but want to be able to use it for much more (personal side, not corporate).

I've read you can use the TOTP app for dropbox, and I'm guessing other sites that use the 2 step auth. My question is, how many sites will the Yubikey hold? Also I keep reading about OTP, I know it's like a disposable password, are there many popular sites that use this so I can configure my key to use those.

Thanks for any replies, and I apologize for the rambling, but I want to get the most from my key.
Author:  darco [ Mon Dec 01, 2014 8:54 pm ]
Post subject:  Re: Where to Use
I use pretty much every app on my Yubikey NEO:

  • Yubico U2F: U2F at sites which support it (just google at the moment, sadly).
  • YubiOATH: Holding my TOTP/HOTP credentials for various websites, including google, wordpress, github, dropbox and Facebook.
  • OpenPGP: Holding my OpenPGP subkeys, which I use for signing emails, opening encrypted files, and SSH authentication.
  • YubiKey PIV: Holding my personal client-ssl and S/MIME certificate from StartSSL.com, as well as a self-signed PIV Auth certificate I use sometimes for SSH authentication.
  • YubiKey OTP: I use this for storing an HOTP credential that I use for banking.

I just wish the bitcoin wallet app had come to fruition. That would have been wonderful. But alas, maybe for NEOv4.0.

While I am not aware of the specific upper limit, the OATH app on the Yubikey NEO can likely hold more credentials than you will every realistically use.
Author:  Paranoid [ Tue Dec 02, 2014 12:39 am ]
Post subject:  Re: Where to Use
Thanks for the reply darco, I appreciate it.

By using YubiOATH for Dropbox and Facebook, I'm guessing your using the Windows helper app? I'm on Mac and there doesn't appear to be a way to use that option at this time, or at least that what everything i've been reading sais.

Yeah the Bitcoin wallet feature would have been nice, that was one thing I was reading about before I actually purchased my Yubikey.
Author:  darco [ Tue Dec 02, 2014 1:44 am ]
Post subject:  Re: Where to Use
Oh, no, I'm using a Mac. Yubico Authenticator works great on a mac:

https://developers.yubico.com/yubioath- ... -0.1.1.pkg
Author:  Paranoid [ Wed Dec 03, 2014 10:57 pm ]
Post subject:  Re: Where to Use
Thanks again Darco, I just downloaded it and will give it a try when I get a chance. I appreciate all your help.
Author:  Tom [ Thu Dec 04, 2014 8:46 am ]
Post subject:  Re: Where to Use
if you can get the new release on github fixes a problem with utf8 passwords.

I didnt had time to build a mac release.
Author:  darco [ Thu Dec 04, 2014 10:35 pm ]
Post subject:  Re: Where to Use
Hi Tom,

Any chance we will see these apps end up in the Apple App Store? That would make it much more convenient to install on macs.
Author:  Paranoid [ Thu Dec 04, 2014 10:45 pm ]
Post subject:  Re: Where to Use
Besides the Yubioath-desktop.pkg, is there anything else I have to install? The reason I ask is because when I launch the program, I get the icon in my taskbar, but there doesn't seem to be too many options. There's just a "add account" and "delete account". Under new account, it just have a spot for an email address, no website info, and when I click on get code nothing happens.
Author:  darco [ Thu Dec 04, 2014 11:17 pm ]
Post subject:  Re: Where to Use
There are three pieces of information are needed to add a new OATH credential:

  1. The type of token, either time-based (TOTP) or event based (HOTP).
  2. A description of the credential. This typically describes the website and account the credential is associated with, but it could be anything you want to disambiguate.
  3. A Base32-encoded shared secret, obtained from your service you want to use.

You enter this information for each website you want to use an OATH credential with, using that "add account" button. After you add each credential it should show up in the list.

If it is a TOTP credential, it will show the code. I'm not sure what the behavior of the desktop program is with respect to HOTP codes, but i imagine you would need to click on it and it then copies the code to your clipboard.

So are you seeing your credentials in the list after adding them?
Author:  Paranoid [ Fri Dec 05, 2014 1:28 am ]
Post subject:  Re: Where to Use
I'm seeing the credentials and the code, but when entering the code generated by yubico app to confirm the 2 factor authentication, they don't seem to work.
Page 1 of 2 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/