[SGVHAK] Yubikey and Password Manager

willingc at willingconsulting.com willingc at willingconsulting.com
Wed Mar 13 15:59:30 PDT 2013


Hi Braddock,

Thanks for the detailed response on the different Yubikey models.

Your experience with LastPass helps too. I've been debating whether to 
use LastPass (didn't know about the Linux PAM) or keypassx (not ideal or 
seemless across OSs and mobile). I will give LastPass with the Yubikey a 
shot :)

Thanks!
Carol

On 2013-03-13 14:00, hak-request at sgvhak.net wrote:
>
> Message: 2
> Date: Wed, 13 Mar 2013 08:45:20 -0700
> From: Braddock <braddock at braddock.com>
> To: Hardware Hacking Special Interest Group <hak at sgvhak.net>
> Subject: Re: [SGVHAK] Yubikey and Password Manager
> Message-ID: <51409F10.40201 at braddock.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 03/12/2013 06:06 PM, willingc at willingconsulting.com wrote:
>> I met some of you at Scale11x a few weeks ago. I remember someone 
>> had
>> a Yubikey for one time passwords and VPN access from a client site.
>> Any suggestions on which model of Yubikey is best and which password
>> manager is your favorite?
>
>
> Hi Carol,
> I had brought the Yubikey to the SCALE meetup.
>
> I have the Yubikey Standard packaged with one year of LastPass 
> Premium.
> The Yubikey NEO has NFC as well, but I don't have any NFC devices.  
> The
> Nano is attractively small, but I figured I'd need to put it on a 
> loop
> of some kind for my keychain which would make it bulkier anyway.  The
> VIP model has a lot of bells and whistles I didn't really need.
>
> I really like LastPass.  I also got the Linux PAM module for Yubikey
> working on my Linux boxes without too much pain.
>
> Also note you can program the Yubikey to emit either a 
> one-time-password
> when you press it momentarily, or there is a second slot you can
> configure with a long fixed password activated by pressing for a few
> seconds for systems which can't use OTP.
>
> I have not tried to set up my own authentication server, I just rely
> (and thus implicitly trust) the Yubi Cloud service.
>
> -braddock
>
>
>
> On 03/12/2013 06:06 PM, willingc at willingconsulting.com wrote:
>> Hi all,
>>
>> I met some of you at Scale11x a few weeks ago. I remember someone 
>> had a
>> Yubikey for one time passwords and VPN access from a client site. 
>> Any
>> suggestions on which model of Yubikey is best and which password 
>> manager
>> is your favorite?
>>
>> Thanks,
>> Carol Willing
>> (Wishing San Diego was closer to your meetings...)
>
>
>
>
> ------------------------------
>
> _______________________________________________
> HAK mailing list
> HAK at sgvhak.net
> http://sgvhak.net/mailman/listinfo/hak
>
>
> End of HAK Digest, Vol 7, Issue 7
> *********************************



More information about the HAK mailing list