• Makss@jlai.lu
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    Oh nice ! Thanks for the explanation. Is this type of authentication supported by many apps and services ? Can it completely replace an authenticator app on a phone ?

    • Chobbes@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Not everything supports FIDO U2F (the kind of 2fa that Yubikeys support), unfortunately. That said a lot of your important accounts might. Google supports it, GitHub supports it, Apple supports it. It’s a much stronger form of 2FA, so it’s nice if you can have it.

      Depending on the yubikey you get it may also be able to do PGP so you can keep your keys locked up on it and off your computer so they’re safer. You can use this to encrypt / decrypt things, but also to cryptographically sign emails and git commits. You can also use it for SSH authentication.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      For services that support fido2 keys, Yes 100% it replaces TOTP apps. Most services do not support fido2 keys. Just services that are very security conscience. Google, Microsoft, GitHub, cloudflare, AWS, azure, anything with a high technical risk surface will support fido2 keys.