Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 5:20 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 5 posts ] 
Author Message
PostPosted: Sun Jul 10, 2011 5:02 pm 
Offline

Joined: Sun Jul 10, 2011 4:55 pm
Posts: 2
Hi,
Reading the "YubiKey Security Evaluation" PDF available at http://static.yubico.com/var/uploads/pd ... -09-09.pdf I read this (on page 8):

Quote:
The 2 byte sessionCtr is stored in non-volatile memory (i.e., it is
preserved when the user unplugs the USB device). It is initially set to 1.
It is incremented every time the device is used after power-up. (The
counter does not wrap; when it has reached 0xFFFF the counter sticks
there. This corresponds to about 25 tokens every day for 7 years or 5
tokens every day for 35 years.)

Should we understand that it is a planned death of yubikey ?
Is it possible to set the counter to 0 (for example using the Personnalization tool) ?

Thanks in advance for any anwer


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Sun Jul 10, 2011 10:36 pm 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
The key has no planned death or any form programmatically set limited lifetime.

If it reaches max, the counter just sticks there. If this situation would ever occur (which seems highly unlikely), you can always use the configuration tool to write a new configuration, which then reset the counters.

In Yubico OTP mode, the counters cannot be preset. In OATH-HOTP mode however, the counter (moving factor) can be preset to a known value at configuration.

Best regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Sun Jul 10, 2011 10:56 pm 
Offline

Joined: Sun Jul 10, 2011 4:55 pm
Posts: 2
Thank you for this information.

Definitely, a very great product


Top
 Profile  
Reply with quote  
PostPosted: Tue Dec 13, 2011 10:25 am 
Offline

Joined: Mon Nov 22, 2010 4:02 pm
Posts: 14
Location: Germany
JakobE wrote:
The key has no planned death or any form programmatically set limited lifetime.

If it reaches max, the counter just sticks there. If this situation would ever occur (which seems highly unlikely), you can always use the configuration tool to write a new configuration, which then reset the counters.

In Yubico OTP mode, the counters cannot be preset. In OATH-HOTP mode however, the counter (moving factor) can be preset to a known value at configuration.

Best regards,

JakobE
Hardware- and firmware guy @ Yubico


Hi Jakob,

so this is also the counter that is used for HOTP?
So theroretically the counter would not be increased after 35 years? (OK, this is much longer than many other tokens of other token vendors having a battery).

But theoretically the yubikey would always produce the same otp value after 2 byte keypresses?
Is there a way to realize this. As the password will be entered in a password field, that only displays stars. So the user will never realize, that he will always enter the same password, when he is on pension. :-)

Kind regards
Cornelius


Top
 Profile  
Reply with quote  
PostPosted: Fri Oct 26, 2012 4:32 pm 
Offline
User avatar

Joined: Fri Oct 26, 2012 4:28 pm
Posts: 1
Location: central Illinois
I have basically the same question as legeox.

Does yubico have a website or something where we can go and generate an OTP from our yubikey, and then know how many OTP logins we have left before the counter is used up? That would be useful down the road after I've been using my yubikey for several years.

Thanks,
ChemSteve


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group