undefined | Better HN

0 pointsgirvo3y ago0 comments

As much as I adore my Yuibikey, my girlfriend thinks I’m decidedly weird because I have two: one on my actual keys, and a backup that’s in my safe at home. Which is annoying because not every system lets me setup two Yubikeys (though TOTP is fine at least). I’m not using it for FDE, but I am using it for securing my password manager (which does support both keys) which holds the backup keys for said FDE and so on.

0 comments

gwillen3y ago

Name and shame sites that don't support using multiple Yubikeys! I'm pretty sure they're violating the guidelines in the standard if they do that.

ufmace3y ago

I think AWS is still the only one I know of doing that, or did they finally fix that?

Yup, just checked, they still are.

kogir3y ago

AWS is my largest annoyance in this regard.

vanous3y ago

The issue I have is that the second key can't really sit in the safe all the time because everytime you setup new service, it needs to be taken out and added.

ilyt3y ago

It's weird that we had that issue solved ages ago (like SSH, just add multiple public keys to the account, no need to have private key available for that), yet keep inventing worse way to do it.

Especially that most YK versions do support pub/private key auth...

girvoOP3y ago

Absolutely, but it's worth the trade-off for me personally. I get weird looks from my partner because of it though haha

j / k navigate · click thread line to collapse