This isn’t strictly a privacy question so much as a security one, so I’m asking this in the context of individuals, not organizations.
I currently use OTP 2FA everywhere I can, though some services I use support hardware security keys like the Yubikey. Getting a hardware key may be slightly more convenient since I wouldn’t need to type anything in but could just press a button, but there’s added risk with losing the key (I can easily back up OTP configs).
Do any of you use hardware security keys? If so, do you have a good argument in favor of or against specific keys? (e.g. Yubikey, Nitrokey, etc.)
That’s my configuration as well. I didn’t think of the cache. Thanks for mentioning it.
I do think having the MFA on there is risky as you factually disable MFA with it, IMO. It’s basically 2 passwords in the same place.
2nd issue: my vault has MFA as well for the admin account, which I can’t store in there for obvious reasons.
So in combination I’ll probably use a second vault to store these to keep them separate. Will check out Aegis for this.