Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 8:30 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Fri Oct 09, 2015 11:09 am 
Offline

Joined: Fri Oct 09, 2015 11:04 am
Posts: 4
Hi,

I started using the Yubico Authenticator for storing my passwords.
When I tried the osx version, I plugged in my yunikey and was surprised that all the otp's were already there even I added them only on my android phone.....
This leads me to a question - where are these sites/passwords I have manually added to the authenticator, stored? Are they on the usb key or somewhere on yubiko servers and just pulled? How does this works?

Thanks!


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri Oct 09, 2015 9:57 pm 
Offline

Joined: Thu Oct 16, 2014 11:51 pm
Posts: 82
maara wrote:
When I tried the osx version, I plugged in my yunikey and was surprised that all the otp's were already there even I added them only on my android phone.....
This leads me to a question - where are these sites/passwords I have manually added to the authenticator, stored? Are they on the usb key or somewhere on yubiko servers and just pulled? How does this works?


They are on the key.

The account name and secret-key/seed are stored on the key when you set them up (a counter is initialized for each HOTP account as well). When you query the key with the Yubico Authenticator, you enter the password and it sends the password and the current time to the device, which then uses the password to authenticate as well as the phone/computer current time to initialize the TOTP functionality. Then it generates all of the 6- and 8-digit TOTP/HOTP codes, one for each account/secret-key combination.

Brendan


Top
 Profile  
Reply with quote  
PostPosted: Mon Oct 19, 2015 2:07 pm 
Offline

Joined: Fri Oct 09, 2015 11:04 am
Posts: 4
Thanks for your explanation!
Are these codes related to any of the two slots? - would reprogramming some of the slots (I am using OTP and OATH in slots 1 and 2) cause that the codes will be deleted?
How to ensure that these codes are safe and will be not touched in any other way than from the OATH app in the phone?

Thank you!


Top
 Profile  
Reply with quote  
PostPosted: Mon Oct 19, 2015 5:57 pm 
Offline

Joined: Thu Oct 16, 2014 11:51 pm
Posts: 82
maara wrote:
Thanks for your explanation!
Are these codes related to any of the two slots? - would reprogramming some of the slots (I am using OTP and OATH in slots 1 and 2) cause that the codes will be deleted?


They are not related to the two slots (usually). Yubico Authenticator generally uses the smart-card chip in the Neo, not the Yubico chip, and stores the OATH credentials away from the two older-style slot areas.

Recent versions of yubico authenticator (at least on the desktop) have added support for setting/reading the older slot-based storage of up to two HOTP/TOTP OATH credentials (named Slot 1 and Slot 2, I think). If you have been using a NEO with Yubico Authenticator to set up the credentials without setting any non-standard slot-based options, there should be no impact when configuring the slots using yubico's other tools.

maara wrote:
How to ensure that these codes are safe and will be not touched in any other way than from the OATH app in the phone?


Set a password in Yubico Authenticator.

Brendan


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: Heise IT-Markt [Crawler] and 11 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group