
If the YubiKey stops working, you also lose access to the database.

So I would have a backup with a simple password, or even unencrypted in a USB somewhere




You back up the YubiKey seed (whatever it's called) separately from the password db, so that the attacker still has to get 3 separate pieces of information (db, password, seed) to get full access.


If you back up the "seed" HOTP secret you can probably use any OTP client software to open the DB without needing the YubiKey.


What you usually do with YubiKeys is have multiple of them so that if the key stops working or you lose it you can use the spare.

This is more secure than using a simple password or (gasp) an unencrypted copy somewhere.



