Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 4:36 pm

All times are UTC + 1 hour

Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Sat Apr 06, 2013 8:27 pm 

Joined: Sat Apr 06, 2013 8:10 pm
Posts: 1
I'm not sure I understand how the Yubikey works with Password Safe. There appear to be two different descriptions of how to set up a Yubikey to work with Password Safe: one at


which describes using the personalization tool to establish a challenge response configuration and create a 20 byte secret key, and another in Yubico's video, at


where Password Safe is used to generate a secret key and write it back to the Yubikey.

I can see how the second method works: both Password Safe and the Yubikey share the secret when the configuration procedure is complete. However, in the case of the first method, I don't see how the secret key becomes known to Password Safe. If the key isn't shared, how can Password Safe verify the Yubikey response when a password database is to be opened?


Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Mon Apr 08, 2013 9:02 am 
Site Admin
Site Admin

Joined: Wed Nov 14, 2012 2:59 pm
Posts: 666
The first one use HMAC-SHA1 algorithm. http://tools.ietf.org/html/rfc2104

Read carefully steps 4-7 and you will see how this works in combination with password safe.


Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour

Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group