Disclaimer: This may be a stupid question...
I'm currently working on a 2FA product that uses Yubikeys for validation. I need our users to register their Yubikeys against their account, and then I'm validating each Yubikey request using the Yubicloud servers.
When I'm registering the user's Yubikey against their account, I'm grabbing the Public ID from the Yubikey request (and that's the bit that I'm storing in the database, which is the recommended course of action according to what I've read). Does this need to be encrypted when it's stored in the database?
Last edited by jeedee on Fri Apr 07, 2017 6:25 pm, edited 1 time in total.
|