Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 8:11 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 6 posts ] 
Author Message
PostPosted: Tue Aug 25, 2009 7:19 pm 
Offline

Joined: Tue Aug 25, 2009 7:12 pm
Posts: 4
I just received my two YubiKeys that I ordered and I want to program a second configuration into them so I can store my WiFi password into them, while retaining the OTP funtion. Seeing that my WPA2 password is from Steve Gibson's Perfect Password page, it is a little long. :-)
I started to look through the site and saw on the Personalization Tool page "WARNING! By re-initializing your YubiKey (either by manually programming a new AES key in the YubiKey or programming the YubiKey for static PW), you will lose ALL abilities to use that particular YubiKey against Yubico online severs - validation server, YubiKey management service, Yubico forum, demo server, OpenID server and so on. Customers are advised to consider using separate YubiKeys for use in Static Password Mode or for development and testing purposes."
Ok, that was enought to stop me. I don't want to mess up the OTP function of the YubiKey by doing this wrong. Is there a step by step instruction guide out there that I haven't been able to find that will tell me how to do this without messing up the current configuration of the OTP function?
Thanks,
Ted


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Tue Aug 25, 2009 7:49 pm 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
The pre-assigned Yubico identity is stored in configuration 1 so just make sure the "Write to configuration 2" radio button is set before hitting the "Run" button.

Regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Sat Sep 05, 2009 8:29 pm 
Offline

Joined: Tue Aug 25, 2009 7:12 pm
Posts: 4
Ok, I tried it and was successful at writing a static password to the second configuration, but I could not figure out how to specify what the password would be, I was just able to have the program generate the password. Is there a way to give it a specific password to write to the second configuration?
Thanks,
Ted


Top
 Profile  
Reply with quote  
PostPosted: Sat Sep 05, 2009 10:46 pm 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
Yubikey 1 only supports the "compatibility" mode which means that you cannot set a specific string. The static mode simply forces the variable fields (use counter, session counter, timestamp and random number) to a fixed value. The Yubikey output then is the encrypted value of these fixed fields and the private id using the specified AES key.

For Yubikey 2, there are two new features with respect to static output:

a) The output can be set to "short" mode which means that the output is truncated to 16 characters. This was added to support some legacy systems that don't accept 32 character passwords.

b) "Scan code" output, i.e. support for a string made up of any arbitrary series of keystrokes. The obvious downside here is that as scan codes are sent, the output may change depending on the keyboard language settings.

Mode (b) is configured as following (assuming configuration tool Version 2).

1. Select task "Create a static Yubikey configuration"

2. In the following panel, select "Scan code mode”

3. Type in your arbitrary string, let’s say "abc123". In the scan code input field, the scan codes appear as 04 05 06 1e 1f 20

Hope this helps.

Regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Sun Feb 07, 2010 5:02 am 
Offline

Joined: Tue Aug 25, 2009 7:12 pm
Posts: 4
Ok, I haven't had a chance to play with this until now. So from what I am seeing, the only way to have a long password is to have it random? It seems that if I don't select a random password, I am limited to 16 charaters. I would like the ability to use a longer password but I can't seem to figure out how to get that with one I give it.
Thanks,
Ted


Top
 Profile  
Reply with quote  
PostPosted: Tue Mar 02, 2010 3:24 pm 
Offline

Joined: Tue Mar 02, 2010 3:19 pm
Posts: 1
iamted wrote:
Ok, I haven't had a chance to play with this until now. So from what I am seeing, the only way to have a long password is to have it random? It seems that if I don't select a random password, I am limited to 16 charaters. I would like the ability to use a longer password but I can't seem to figure out how to get that with one I give it.


Ted, I agree that I would like to drop in one of Steve Gibson's long passwords. The way that I've migigated this is to configure it with a nasty 16 character password and then either prepend or append my own memorized password to the one the Yubikey stores. Don't forget to uncheck the box that adds a <RETURN> to the end of the string. This gives me offline use for things like TrueCrypt or sites that don't support OTP like banking sites and such.

I'm still waiting for the mass acceptance of OTP technology. For now, it seems to be in the early adopter phase. I can't wait till these things come in the welcome kit for both Gigantic Bank, Inc., and SmallHomeTown Bank Inc.

Rick


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: Heise IT-Markt [Crawler] and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group