It does exactly what it says, which is authentication with a relying party. WebAuthn is neither about encryption, nor hashing.it will break sync and increase the risk of getting locked out, if sync fails.using the YubiKey in this mode is quite terrible in terms of UX, which is even worse on mobile devices.it's of course possible to use it in KeeWeb just as is, as well, but that's not what we're looking for here.that's actually not 2FA and I doubt if it gives any additional security, since the password is typed using a keyboard driver.There are some alternatives described on this page: using a workaround with storing the key on the device, which has to be carefully assessed in terms of security, to make sure the key doesn't end up in iOS backups.as a one-time mode with a static key, which can be for example scanned as a QR code from the desktop app.desktop apps should use any of YubiKey API, such as native API or ykman, whichever is more feasible.MacPass doesn't support it yet, but there's a ticket.StrongBox has recently integrated it in both the app itself and in AutoFill suggestions.KeePass supports it via KeeChallenge plugin.This implementation has already gained some support in other well-known KeePass forks:
YubiKey supports challenge-response operations in form of HMAC-SHA1. Is your feature request related to a problem? Please describe.
0 kommentar(er)
