YubiKey

From Omnia
Revision as of 22:10, 5 January 2025 by Kenneth

YubiKey Manager

https://www.yubico.com/support/download/yubikey-manager
Use the YubiKey Manager to configure FIDO2, OTP and PIV functionality on your YubiKey on Windows, macOS, and Linux operating systems. The tool works with any currently supported YubiKey. You can also use the tool to check the type and firmware of a YubiKey. In addition, you can use the extended settings to specify other features, such as configuring a 3-second long touch.

Interfaces

USB and NFC

Applications:

  • OTP
  • FIDO2
  • PIV

Other:

  • FIDO U2F
  • OpenPGP
  • OATH

Remote Desktop

FIDO2 passthrough requires Windows version 1903 or higher.

"WebAuthN requires Windows 10 version 1903 or higher"

Ref:

FIDO2 security key sign-in to Windows - Microsoft Entra ID | Microsoft Learn
https://learn.microsoft.com/en-us/entra/identity/authentication/howto-authentication-passwordless-security-key-windows

SSO

OTP/TOTP mode vs PIN+FIDO2 mode

The benefit of FIDO2 is that it verifies the physical USB connection end-to-end, but this also requires end-to-end FIDO2 support.

Compared to traditional MFA methods like SMS codes or TOTP (Time-based One-Time Password), FIDO2 offers higher security by resisting phishing and man-in-the-middle attacks. Methods such as SMS-based codes can be intercepted, and TOTP is susceptible to phishing.
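
The difference described above, as an added example that is not part of the original page: a TOTP code carries nothing about the site it was typed into, while a FIDO2/WebAuthn assertion carries the origin and RP ID, which the relying party checks. The origin, RP ID, challenge and the `sample_assertion` helper are constructed for illustration, and signature verification is left out.

```python
import hashlib, hmac, json, struct

ORIGIN = "https://login.example.test"   # constructed relying-party origin
RP_ID = "login.example.test"            # constructed RP ID

def totp(secret: bytes, t: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): a function of the shared secret and time only."""
    mac = hmac.new(secret, struct.pack(">Q", t // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)

def verify_totp(secret: bytes, code: str, t: int) -> bool:
    # The server cannot tell where the user typed the code: no site identity is in it.
    return hmac.compare_digest(totp(secret, t).encode(), code.encode())

def sample_assertion(origin: str, rp_id: str, challenge: str):
    """Constructed stand-in for what a browser and authenticator return."""
    client_data = json.dumps({"type": "webauthn.get", "challenge": challenge,
                              "origin": origin}).encode()
    # authenticatorData layout: rpIdHash (32) | flags (1) | signCount (4)
    auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x05" + struct.pack(">I", 1)
    return client_data, auth_data

def verify_binding(client_data: bytes, auth_data: bytes, challenge: str) -> bool:
    """Relying-party checks that tie a WebAuthn assertion to this site.
    A real server also verifies the signature over
    authenticatorData || SHA-256(clientDataJSON), so these fields cannot be altered."""
    cd = json.loads(client_data)
    return (cd.get("type") == "webauthn.get"
            and cd.get("challenge") == challenge
            and cd.get("origin") == ORIGIN
            and hmac.compare_digest(auth_data[:32], hashlib.sha256(RP_ID.encode()).digest()))

if __name__ == "__main__":
    secret, now, chal = b"12345678901234567890", 59, "c2FtcGxl"  # constructed values
    print("TOTP code verifies wherever it was typed:",
          verify_totp(secret, totp(secret, now), now))
    good = sample_assertion(ORIGIN, RP_ID, chal)
    other = sample_assertion("https://login.example-test.invalid",
                             "login.example-test.invalid", chal)
    print("assertion made on the real origin:", verify_binding(*good, chal))
    print("assertion made on a look-alike origin:", verify_binding(*other, chal))
```

The browser, not the user, writes the origin into the client data, which is why the check does not depend on the user noticing a look-alike domain.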
