Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That's even more funny, because the MBP's touch-bar is essentially the same type of device as the YubiKey—an isolated offboard CPU with its own TPM that can be unlocked with a fingerprint and then asked to encrypt secrets for the host/parent PC. The touch-bar just has more screen.

I'm surprised nobody's hacked the YubiKey app into making use of the touch-bar as the YubiKey "device."



Doesn't that kind of defeat the point of the Yubikey? I would think you would want to separate the key and the computer when you yourself are separated from your computer.


The copy on the Yubikey Nano's website says, "designed to remain in port." Removing it is still an option, but it doesn't sound like it's the point of having it.


You can also use the fingerprint sensor as a replacement for the ubikey. Which works arguably as well - at least it satisfies the criteria that you separate the key and the computer when you yourself are separated from the computer.


The device still requires a pin for most operations (depending on how it's configured), and locks itself if the wrong pin is used too many times.


It’s implemented as a auth mechanism to memento, it might be open sourced at some point.

The reason yubikey doesn’t do this is that it will kill their business and product.


https://github.com/github/SoftU2F


How would you change your fingerprint if it is compromised? Yubikey can be swapped at any time.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: