laography.blogg.se -

That thing houses a whopping 512 kiB of flash memory. The Yubikey 5 is pretty much just one single chip: an Infineon SLE 78 microcontroller. Let's get the limitations part out of the way first.

Is the plural of "YubiKey" actually "YubiKeys"?.

Should I be worried about breaking my Yubikey?.

Are NFC and USB completely equivalent when using the Yubikey?.

Isn't it a bit too easy to permanently delete the credentials stored on the key?.

How am I supposed to keep my backup Yubikey in a safe place if I need it to register new websites on it?.

Is it less secure to have NFC enabled on my Yubikey?.

Can I update the firmware on my Yubikey after I get it?.

What's different about the FIPS models?.

Part 100: It's all write-only, you can't just "make a backup later".

Part 4: It's a virtual keyboard that can type up to two (2) passwords.

Part 3: It's a CCID smart card in USB/NFC form.

Part 2: It's an OATH One-Time Password generator.

Part 1c: PINs and user verification (FIDO2).

Part 0: It's a stupidly small USB drive.

(you know you're going to lose points for brevity when you need a table of contents for your Reddit post) So, then, what's a Yubikey? TL DR of Contents The limitations are usually the same across all Yubikey models, but I'll try to point out the differences where I've managed to find any. I'm also writing most of these sections with the "fully-fledged" Yubikey 5 models in mind, given the other available models support subsets of that.

While I could have made some of those explanations simpler, I really wanted to lay down some of the inner workings of the key enough to make what it can and can't do clear, which can be hard to boil down into making it simple (let alone short, I'll be the first to say I really went overboard with how long this turned out to be). Since I'm partly writing these notes for myself, there might be some back and forth between "explain like I'm five" and "I'll asume you have a minor in computer science". Now that I have one, I decided to write down everything I figured out in order to help myself (and hopefully some other people reading this) make sense of all this. The official documentation tends to be surprisingly convoluted at times, weirdly organized and oddly shy about a few of the limitations of these keys (which I'm making a point of putting front and center). So while looking for information on security keys before getting one myself, I got very confused reading about all the different modes and advertised features of Yubikeys and other similar dongles. (EDIT: Besides Reddit, I've also put this up on Github Gist) "What the heck is a Yubikey and why did I buy one?": A user guide