Why doesn't Tom use Yubikey's?

Just surprised there hasn’t been any mention of it on the channel. I find it the best way to do 2FA even if it’s only storing TOTP codes. Would be interested in seeing a deep dive using it for GPG/SSH priv. keys.

Dr. Duh has a great guide on this: https://github.com/drduh/YubiKey-Guide

1 Like

Watched a crosstalk vid on the Yubikeys a couple of days ago. I have one sitting in a box that I never use but keep thinking I should.

2 Likes

That’s the video that inspired me too! haha

I looked at this a while back, the costs of those keys soon add up plus they have have different types which just adds more cost. I know there was/is an open source project trying to make the hardware more affordable but they need to get way down to say £10 for 10 keys.

For now encryption and software 2FA seems the best option not to get locked out of my own kit.

I think I never really used it because I couldn’t get things going on my phones (or I was worried that I woudln’t be able to so never tried)

The new ones have usb C and Lightning and NFC (which I understand now works on iOS as well as Android) so you probably can now have one key to rule them all.

Just recently got a 2 pack and it has been nice to setup both to be identical so I have a backup of all 2fa codes kept in a secure location.

1 Like

if you use KeepassXC you can also keep a backup in software of your 2fa

In India, Yubikeys are really expensive, I have found some cheap ones but I don’t know how good they are. A yubikey 5 costs more than a $100 here which is crazy. You can buy a decent phone in India at that price.