How is this thing any better than a password?
if i steal this i can access your systemif i need your password i instead have to break your fingers, which is much more fun
>>106485712You still need the FIDO/U2F/PIV PIN. >>106485671 It lets you use TOTP across devices without needing a phone.
>>106485725most password managers can do TOTP
>>106485671Can't be phished no matter how hard the user messes up
>>106485671NFC never fucking works for mehave to always plug it inhate this shit
>>106485671It's great for the elderly or the tech illiterate so they can just plug and authenticate instead of writing down a password or reusing the same simple passphrase they use for every service.
>>106485789Works on my machine.
>>106485712>if i need your password i instead have to break your fingers, which is much more funHow's he supposed to be able to type on a keyboard if you break his fingers retard? Do you expect him to type that shit out with his feet?Fucking amateurs I swear.
>>106485797>Thinks FIDO is passkeys
>>106485926He could just tell you the password and you type it.
>>106485671>How is this thing any better than a password?it's not, next question
>>106485671This lets you remember a simple pin instead of a complicated passwordPin strength is about as secure because it blocks if you fail too many times.And ofc it's a physical device so you need to physically steal it to even use it which is much harder than penis I'm bored
>>106486152>He could just tell you the password and you type it.That could work, unless I miss hear him. I'm very easily distracted sometimes. Also the whole being tortured thing might leave him hyper ventilating and nervously spelling it out to fast.
>>106486541Most people will give it right up. People aren't super tough guys like in the movies or what they pretend to be. You don't need to go hardcore, just things that are painful enough and bring them fear for worse.
>>106486541oh no, an excuse to break another finger. how awful.
>>106486596>>106486582>oh no, an excuse to break another finger. how awful.Ummm sorry Mr. prisoner I'll listen more clearly this time... I was originally only gonna break like two fingers originally, please speak at a slower pace.
>>106485763>turn on MFA>put your TOTP within your password managermight as well just turn off MFA at that point.
>>106487994if they let you then sure turn it off
>>106486541I think you are too retarded to be a functional autist.
>>106485671yubiko no pico
>>106485789android and fido2 is very finicky, try using u2f instead.
>>106485671It only protects against one vector of attack at the expense of exposing to another. If someone steals your yubi key, they can easily log into any account.
>>106487994storing totp in your pw manager still protects you against website leaks.the only disadvantage is if your pw database itself gets leaked, in which case you are fucked, totp or not. this happens much less frequently than a website leaking credentials (unless tarded).imo it's much better to increase the security of the pw manager (with keyfiles, hardware keys), than storing totp in another device.
>>106489134>If someone steals your yubi key, they can easily log into any accountWhat do you suppose the M in MFA stands for?
>>106489047kek
its secure only if you securely store it up your bum
>>106486064FIDO can function for webauthn logins, they just aren't syncable.Cross device syncing is the main feature of passkeys.
What happens if it fails or you lose it? Bye bye accounts. I will never use anything like that or 2FA.
>>106489612That's why you buy two and keep one safe. You know, exactly how you do it with your passwords?
>>106485671its like those old computers that needed a physical key to turn on but you can't just jam a bic pen in thereand a yubi, whilst a cybsec larper meme, are still superior to smart cards for the sole reason that not every computer has a smart card slot but some shit is seriously wrong if you dont have usb ports.its also mainly for "secure environments" or companies without a BYD policy where phone meme MFA is inappropriate. personally i have an RSA key that cycles through numbers (i didnt buy it, its for work)
>>106485671for the same reason multifactor exists if someone steals your password but not the key you are still secure. if someone steals your key but not the password you are secure.just makes hacking you harder
>>106485671because it's not a replacement for password it's an additonal layer of security and they both your password and that device
