Before everyone just on my throat saying I'm a naysayer I'll state that I love the idea.
However why oh why on earth is the YubiKey challenge/response optional?
Why can that thing work in a mode where it simply "dumps text"?
It's terrible that it's optional because it means that I cannot be sure in which mode that thing is operating right!?
But I love the idea: we need more physical tokens doing challenge/response and less "let me store this in my phone's 'master app of all the passwords'" snake oils.
However why oh why on earth is the YubiKey challenge/response optional?
Why can that thing work in a mode where it simply "dumps text"?
It's terrible that it's optional because it means that I cannot be sure in which mode that thing is operating right!?
But I love the idea: we need more physical tokens doing challenge/response and less "let me store this in my phone's 'master app of all the passwords'" snake oils.