Ubikey vs authy
The longer I work/using 1pw the more I love it.
One thing in this digital age is security wether it is by data company's, government and/or hackers security should be a issue of concern.
Now to upgrade my security seeing what is all in my 1pw account I have been using authy for a while and love it.
However authy is no guarantee to keep things save so after reading the advise here about yubikey my qn' is this.
On my iPad/iphone with touch id is it a added layer of protection to use yubikey in addition to authy.
It is easy to use, but as far as I can understand it all it gives another layer of protection while still being user friendly.
Please share your thoughts.
Thanks in advance.
Jo
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
@Jo_ann77: I think it might help to take into account that you're not entrusting Authy with all of your account credentials, just the TOTP secret to generate a one-time password for two-factor authentication. That won't even decrypt anything. Both your Master Password and Secret Key are needed for that. And to use Yubikey with your 1Password account, that would just be replacing Authy to serve the same function with a dedicated hardware device, rather than an app on a hardware device. Certainly some people have a preference, but the security benefit is the same in both cases; it's how you handle it that makes all the difference, so either way keep your secrets safe. :)
0 -
How would you use the YubiKey on iPhone/iPad?
I know Yubico offers a new iOS SDK for a limited set of developers, but I don't think this is generally available right now?
0 -
Indeed. As far as I'm aware at the moment it isn't possible to have a Yubikey generate TOTP codes on iOS.
Ben
0 -
thank you all for the good feedback which as normal is much appreciated.
I find this subject difficult to get to grips with mainly due to the technical side of it not your fault.
I found this https://blog.1password.com/multi-factor-authentication-in-1password/ and never knew 1pw was able to use as a totp and I searched my 1pw membership login and could not find what this article talks about so where can I setup the totp so I can ditch authy.
Thanks0 -
@Jo_ann77 - make sure you're clear on what it is you're asking about here. You can use 1Password as a TOTP-code authenticator for websites you have accounts with, such as banks, Amazon, Facebook, Twitter, etc. The instructions to set that up on a site-by-site basis are here. You can also, if you have a 1password.com membership, set up 2FA on your 1password.com account itself, which can be done using these instructions. But these are not the same thing: the first is using 1Password for TOTP on other sites, the second is turning on TOTP (2FA) for your 1Password account itself.
0 -
How would you use the YubiKey on iPhone/iPad? I know Yubico offers a new iOS SDK for a limited set of developers, but I don't think this is generally available right now?
@XIII: I may have misunderstood, but my thought was that the Yubikey would just be used to generate the one-time password. Much lower barrier to entry. :)
thank you all for the good feedback which as normal is much appreciated. I find this subject difficult to get to grips with mainly due to the technical side of it not your fault.
@Jo_ann77: Hey, I understand completely. There's a lot of different stuff out there, and even Yubikey has a number of different ways of doing things. Sorry if I caused more confusion! :blush:
0
