
They unveiled this at the conference today. Keys are generated on a phone/computer then stored on the Yubikey. For signing, the keys also need to leave the device, hence "cool" keys. They are, for once, also open sourcing their key generation and signing code.

It's cool but I don't know why I need this. Why is it better than using a regular hardware wallet?

reply

Better UX. If you've ever used a yubikey, it's easier to use than a hardware wallet.

reply

except you can recover a hardware wallet

you can't recover a yubikey

reply

Typically, you configure two yubikeys and keep them in separate locations.

reply

There are big tradeoffs being made here, so I wouldn't diminish those, but you can back up the private key stored on Yubikey.

The Yubikey isn't a signing device. It's a storage device.

reply

maybe you can recover from a backup file

but you can't deterministically rebuild from a seed phrase

yubikey can also be used to sign ssh, fido2, webauthn, pgp etc

edit - I see it is indeed a storage (not signing) device in this context

reply

Ok. I will take your word for it. Never used one.

reply
It's cool but I don't know why I need this. Why is it better than using a regular hardware wallet?
  1. costs $25, less than most HWWs
  2. can use for other 2FA and MFA
  3. not obvious for bitcoin, so won’t be on a “list” of ppl who buy bitcoin only products
reply

Good feedback

reply

Likely oriented mostly towards pre-coiners. Why buy another device for Bitcoin when you already have a YubiKey?

reply

An example of how useless it is.
A Yubikey is purchased and can disconnect 2FA, register a new key to the Internet service. After that, the service does not log out for a while, but when the web service suddenly requested a PIN from Yubikey, the local driver did not solve anything and together with Microsoft claimed that the PIN was not the original PIN.
I'm surprised, but it was not possible to log in to previously registered accounts such as gmail, id and others with that key. A factory reset will be performed because a different PIN must be generated. This is followed by re-registration and disconnection of the original service key registration; somewhere it is possible and somewhere they want the original physical key, with some services it is possible to enter only one key for free, and other services cannot even delete it. It is time consuming, according to the number of services. If the PIN is changed, then you can't log in and it's annoying.
For those Casa services, "Lockdown" would probably follow, then "Video verification to unlock". For standard accounts, Video Verification for Sensitive Actions is an impossible action. Then only with the Premia account and it's embarrassing and expensive.

Interesting. Been wondering if anyone would make use of YubiKey in the bitcoin space

reply

Is this using biometrics or a PIN code?

reply

Disclaimer: I had a yubikey many years ago, I haven't used the new ones

no.

YubiKey is just a keyboard that always spits the same text out. It only has one button, and so u plug it in and press the button and it spits out whatever string is stored on it.

reply

They have new bio keys.
I guess my question is which hardware is being used.

reply

I suspect you can use any yubikey that supports passcodes. It looks like they also allow/require pin encryption.

reply

Looks like the user has to pay for a "service". How is the YubiKey communicating to the back end systems?

When you use a YubiKey to secure your Casa vault, a seed phrase is generated on your laptop or computer and then stored securely on the YubiKey protected by the passkey you just created. That seed phrase is then only accessible when you successfully authenticate with the Casa domain using the YubiKey itself. This means you can’t be tricked into signing a transaction through a fake Casa website — the passkey will refuse to decrypt the seed phrase.
reply
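An added illustration, not part of the thread and not Casa's code, of why a passkey cannot be exercised from a lookalike site: the browser only lets a page name an rpId that matches its own host, and the key files each credential under SHA-256(rpId). It assumes the wrapping key is derived per credential in the style of the WebAuthn PRF extension (the page does not say which mechanism the product uses); `ToyAuthenticator`, `client_get`, `outcome`, the domains and the salt are all constructed for the example.

```python
import hashlib
import hmac
import os
from urllib.parse import urlsplit


class ToyAuthenticator:
    """Constructed model of a security key: secrets are filed under SHA-256(rpId)."""

    def __init__(self):
        self._creds = {}  # rpIdHash -> per-credential secret that never leaves the key

    def register(self, rp_id):
        self._creds[hashlib.sha256(rp_id.encode()).digest()] = os.urandom(32)

    def prf(self, rp_id, salt):
        secret = self._creds.get(hashlib.sha256(rp_id.encode()).digest())
        if secret is None:
            raise LookupError("no credential for this rpId")
        # Same credential + same salt -> same 32-byte output, usable as a wrapping key.
        return hmac.new(secret, salt, hashlib.sha256).digest()


def client_get(authenticator, page_origin, rp_id, salt):
    """Browser-side gate: a page may only name an rpId equal to or a parent of its host.
    (Real browsers also reject public suffixes; that check is omitted here.)"""
    url = urlsplit(page_origin)
    if url.scheme != "https":
        raise PermissionError("not a secure context")
    if url.hostname != rp_id and not url.hostname.endswith("." + rp_id):
        raise PermissionError("rpId does not match page origin")
    return authenticator.prf(rp_id, salt)


def outcome(authenticator, page_origin, rp_id, salt):
    """Hex wrapping key on success, or the reason the request was refused."""
    try:
        return client_get(authenticator, page_origin, rp_id, salt).hex()
    except (PermissionError, LookupError) as exc:
        return f"refused: {exc}"


if __name__ == "__main__":
    key = ToyAuthenticator()
    key.register("vault.example")  # placeholder domain, not the real service
    salt = b"seed-wrap-v1"         # constructed salt
    for origin, rp in [("https://app.vault.example", "vault.example"),
                       ("https://vault-example.test", "vault.example"),
                       ("https://vault-example.test", "vault-example.test")]:
        print(origin, rp, "->", outcome(key, origin, rp, salt))
```

Only the first request yields a key; the lookalike origin is stopped either by the browser's rpId check or by the key having no credential for that rpId.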

Determining if that’s true requires understanding passkeys and I don’t, but I’d guess your seed isn’t sent anywhere.

reply

Interesting way of doing this, but is it very secure?

reply

Is this for the purpose when someone doesn't want to forget their keys?

reply

No one wants to forget their keys!

reply

It's a great add-on but my stock isn't that big till now! I can hardly invest $100 every month! When do you think is the time that we need to transfer our Stackers in our cold wallets? I've heard that fees are too high on the mainnet?

reply