am I the only nutcase around here that has a Yubikey?
cookie jar (i)
@evefavretto count me in. I borrowed this from my company and I don't think any of my coworkers are using one
cookie jar (i)
@ento yours is not even a NFC model!
@evefavretto ohh now I see the radio wave mark on top of the y on yours. do you use it via NFC?
@ento on my phone, yes. on my MacBook, USB as usual.
the good thing about nfc on the yubikey is you can use it very easily on your phone
@evefavretto I see, I rely on face unlock and 1password on my phone right now
@ento your phone is what? also, nobody would like to keep tapping a yubikey just to unlock a phone, this is for login into certain accounts as a 2nd factor(Google, Microsoft,etc). 1password can use a yubikey to help secure it, I believe
@evefavretto a pixel 4. 1password's mobile app allows face unlocking instead of entering the master password, and can autofill credentials
@ento now I get the face unlocking. yes, most password managers can use biometrics (face on the pixel, fingerprint on everything else)
@ento btw, Microsoft logins with the FIDO2 enabled ones (like mine) are just plain magic
@evefavretto hm, nameless and passwordless auth? I'm tempted to upgrade for myself. More services seem to have added support for U2F too, while I haven't been paying much attention
@ento Microsoft accounts that's already true. I think yours is a 4, right? should support FIDO2
@evefavretto yes, a 4, and FIDO2 isn't listed on their "identify your yubikey" page. seems like it's on the v5 family of keys and a few others that's been released since 2018
@ento oh. that starts to limit some things going forward. Microsoft accounts with yubikeys is FIDO2, not U2F (but its just plain amazing)
@evefavretto I have one, but I don't use it... /@ento @thrrgilag
@evefavretto I have the same version you have. There's been interest in Pnut adding support, but I didn't want to roll it myself, so was waiting for more generic support. Might be better tooling now.
@33MHz there's quite a push recently for 2FA, so I bet there's some form of help and libraries for U2F and FIDO2

Google themselves are selling flipping FIDO2 keys
@evefavretto I think a lot of login policies for what counts for 2FA are determined by the company, so e.g. my job requires an SMS 2FA to log in, no choice.
@33MHz ah, the lowest of low denominators.

someone will regret at the sign of a SIM swap