Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 11:28 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Wed Jun 24, 2015 12:59 am 
Offline

Joined: Wed Jun 17, 2015 2:25 am
Posts: 2
I've been playing around with my Yubikey Neo and have gotten OTP, Chal-Resp, and U2F to work as local logins on my Ubuntu box (pam modules). I'm trying to determine if any one is better than the other, security wise, since all appear to be valid options.

I've basically nixed off the OTP because it involves sharing a secret. No offense to Yubico, but I'm trying to get out of the game of possible leaked secrets, no matter who stores them. It also gives you the issue of logging in while not connected to the internet. Bleh.

Challenge-Response is neat. Specifically in the SHA mode so that you're not burning your counters off. Authentication based off of symmetric encryption (basically).

U2F would be my preferred method of the 3 of them for logging in to websites since it does not involve trusting anyone with a shared secret. Also, most of the features of UTF are geared towards remote logins for web services.

Anyone have a compelling reason to use one or the other for a local login?


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group