Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 7:12 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Tue Feb 10, 2015 9:39 pm 
Offline

Joined: Fri Feb 06, 2015 4:45 pm
Posts: 8
Hi,

I do not have Neo yet, but I have read the instructions on how to use it here.

The suggestion there is to set up a second key as a backup, but is there a way to keep any information that could be used to set up a backup-key at a later time?

The thoughts behind my question:
- It's not not the cheapest solution to invest into two keys now just to have a backup if needed anytime in the future.
- If I invest in a second keys that is not used but stored anywhere it aging although.
- Buying a second key know means to have a sparepart with the firmware from today
- If I could store anything (for example the secret key) that allows me to generate a neo that could replace the first one at a later time, I could wait if the first one will be broken or lost sometime. Then I could order an unaged new Neo with up-to-date firmware and the only issue might be that I can't get hands on my passwords for some days.

Regeards
FS1


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri Feb 13, 2015 2:37 pm 
Offline
Site Admin
Site Admin

Joined: Mon Dec 08, 2014 2:52 pm
Posts: 314
You post is vague and does not specify what algorithm/protocol are you referring to.

In any case yes you can save the secret and store it later on a Yubikey you'll buy in the future.


Top
 Profile  
Reply with quote  
PostPosted: Sun Feb 15, 2015 11:53 pm 
Offline

Joined: Fri Feb 06, 2015 4:45 pm
Posts: 8
That's because I don't use a yubikey yet :)

But anyway your response is helpful to me as I'm now knowing that there fallback-strategies in case of a broken or lost yubikey.


Top
 Profile  
Reply with quote  
PostPosted: Fri Feb 20, 2015 12:55 am 
Offline

Joined: Fri Feb 20, 2015 12:44 am
Posts: 3
FS1 wrote:
That's because I don't use a yubikey yet :)

But anyway your response is helpful to me as I'm now knowing that there fallback-strategies in case of a broken or lost yubikey.


I guess my thoughts are that this is really more of a passwordsafe question than a Yubikey question. And I experimented with this a bit myself since I have a neo and a couple of the older keys that I keep as a backup.

Really with passwordsafe, the critical thing to keep track of is what PasswordSafe calls the "Yubikey Secret Key", which is 20 hex bytes of apparently random data. If you know those 20 bytes of data, then you have the ability to re-create a key.

With the Yubikey personalization tool, one can select "challenge-response", and then click on "HMAC-SHA1". This lets you enter the "Secret Key", which you can then write to a new Yubikey, and you should be good to go again.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: Google [Bot] and 12 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group