How is a Yubikey any different than other physical keys people have been carrying for hundreds of years? It seems much more intuitive to carry a digital key for your digital accounts.
Password managers have the added complexity of still needing a password themselves and all the quirks that come with auto filling and programmatically reading forms.
I'm not sure Apple head phones are quite a fair comparison. Outrage was also due to proprietary connectors that were patent encumbered.
I lost my yubikey once. There are always ways to recover your accounts, and it's especially easy for ones you're already signed into on multiple devices.
They're completely different! The similarity is at the physical/surface level only.
Physical keys work in one (or rarely in several, but basically unchanging set of) locks, and I carry around about 2-3 of them.
Hardware security keys, by contrast, work in many different places/accounts, potentially even for multiple accounts on the same service, but only after registering them there.
That's not how people experience physical keys: You don't, for example, move apartments or visit a friend, and the landlord/friend "registers/adds your key for their lock". If you lose your physical key, you can't "quickly revoke it from all doors" that it locks (without kicking everybody else out).
> How is a Yubikey any different than other physical keys people have been carrying for hundreds of years?
1. Not everyone caries keys (I don't and haven't for years)
2. Because every other existing alternative doesn't require you to cary something extra. Asking people to cary something with them to be able to sign into accounts will feel like a step backwards to most people.
3. Because most people only need to pull out their keys a few times a day. Requiring a Yubikey for every sign in means you'd now need to constantly be pulling your Yubikey out to sign into things.
> Password managers have the added complexity of still needing a password themselves and all the quirks that come with auto filling and programmatically reading forms.
I don't buy this. I use Lastpass which is arguably the most widely used password manager. I sign in using the master password maybe once a month and it works seamlessly on my phone. Apple and Google both have their own native solutions as well and still only 1/3 of people use them.
> Outrage was also due to proprietary connectors that were patent encumbered.
I think you're living in a bubble. Just go look back at the headlines from when that was announced. Almost no one gave a shit about it being a proprietary connector. People were upset because they were being forced to buy and cary a bunch of dongles. Just look at the comments on these reddit posts:
> 3. Because most people only need to pull out their keys a few times a day. Requiring a Yubikey for every sign in means you'd now need to constantly be pulling your Yubikey out to sign into things.
I just leave it connected to my computer. It requires a physical touch for every interaction so it can't be 'milked' for tokens like old fashioned smart cards.
Password managers have the added complexity of still needing a password themselves and all the quirks that come with auto filling and programmatically reading forms.
I'm not sure Apple head phones are quite a fair comparison. Outrage was also due to proprietary connectors that were patent encumbered.