Re: yubikey

From: James Harrison <james@xxxxxxxxxxxxxxxxxx>
Date: Tue, 21 Jul 2009 23:39:48 +0100

shimmyshack wrote:

Is anyone familiar enough with the yubikey product

http://www.yubico.com/home/index/

that they care to comment on its position within the market for SSO
devices? I would appreciate some advice as to its compromise between
useability and security.

Thanks for any reply

It's pretty solid- 32 bits of AES-encrypted data, plus 12 character ID.
It's not at the high end of security, but for normal use (ie not
banks/mil/etc) you're probably fine. Very usable, hardware's quite
resilient, no software requirements for the device and crossplatform
support helps a lot.

Downside being that Yubico hold the same AES 128-bit key used to encrypt
the data. That said I'm fairly sure you can configure them with your own
key, but then can't authenticate against their service which rather
defeats the purpose.

James
.

References:
- yubikey
  - From: shimmyshack

Prev by Date: Re: Question about Blowfish
Next by Date: geld verdienen von zu hause aus, geld machen wenn, poker ii spielen, poker stars um geld spielen, texas holdem kostenlos spielen, ihr geld im internet, online roulette geld verdienen, pennergame schnell geld, kostenlose pokerschule, schnell viel g
Previous by thread: yubikey
Next by thread: Re: k4
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] SMS Banking
... " It looks like Craig has defined parts of his model too narrowly, ... compromise of the SMS system and the user authentication methods, ... least one variant of risk management modelling and mitigation (even if it is ... baseline the security of the system into the longer term. ...
(Full-Disclosure)
Re: Your Opinion +
... and RealNetworks regarding Windows Media Player back in 2003, lets say for discussion, MS now turn around and offer up their 'Security Applications' for free. ... Those things aren't even usually called "security software" -- for example, use of Mozilla-based browser makes Windows desktop more secure not because Mozilla-based browsers are designed as "security software" but because it allows the user to not use Internet Explorer, and it contains less, shorter living or easier to avoid vulnerabilities than the product it replaces. ... Software that runs on potentially compromised computers looking for signatures, altered files, inconsistent responses from system interfaces and other evidence of compromise. ...
(Bugtraq)
Re: OT: unathorized network user.
... that are UTTERLY WORTHLESS to security and even cause ... and offers actually useful advice for security. ... In fact, some of them will cause many people networking problems, ... offered has absolutely NOTHING to do with securing a wireless network. ...
(Fedora)
Re: Windows xp screen freezing...randomly
... My views on security coincide with the vast ... disregard advice to install security software. ... Mechanical KVM switches often lose the keyboard and mouse on ... "The Linksys KVM, like other electronic KVM switches, is able to ...
(microsoft.public.windowsxp.help_and_support)
Re: Windows xp screen freezing...randomly
... I read ALL your posts. ... My views on security coincide with the vast ... disregard advice to install security software. ... "The Linksys KVM, like other electronic KVM switches, is able to ...
(microsoft.public.windowsxp.help_and_support)