Follow

One advantage of my current work-from-home setup is that I don't need to unplug my yubikey nearly as often, saving me the trouble of typing in my PIN.

One *disadvantage* is that I've apparently totally forgotten that PIN, locking myself out of, oh, basically _everything_.

To the backups!

@codesections My 401k plan website now supports 2FA with hard tokens. 🎉

*ONLY* Yubikey tokens 😢

@nathand

> My 401k plan website now supports 2FA with hard tokens. 🎉
> *ONLY* Yubikey tokens 😢

Really? That sucks -- I didn't even realize that was possible. I have a Yubikey, but I've always just used it as hardware to store the token generated by 's --card-edit functionality.

I take it Yubikey's also have their own, incompatible/non-free implementation of the same idea? Why would they even do that?

@codesections No idea. I don't have a Yubikey, but a Thetis key, which supports FIDO, etc etc...

It *may* be that they're banking (haha) on WebAuthN, but I didn't poke around long enough to figure it out. Also: I doubt that is the case.

@codesections opps ... how much time will it take to recover all?

@suraj

> opps ... how much time will it take to recover all?

Oh, it didn't take long -- I didn't lose any data, just the encryption key stored on my 2FA token. So, once I restored the key from my offline backups, I was back in business (the biggest delay was just in retrieving the offline backups from their Secure Location™)

Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.