You should only use this method if you manually input a 4+ digit PIN at the end and not rely on just the YubiKey as it can be stolen/seized or key stolen off it.
Ok, I´m confused.... YubiKey should generate "password" like {static-user-'key'}+some randomness therefor the outcome would be different everything but you cant use it as password then, or is it build into truecrypt already???
The YubiKey usually generates a "one time password" that is validated against our servers and is very secure. However, for pre-boot disk encryption, there is no access to the server. So we have a free software program that allows you to re-program your YubiKey with a random 44 character static password. Not as strong as an OTP - the static key is great for TrueCrypt (that needs the same password every time) - because it is so simple to use and yet has 176 bits of entropy (randomness). John
@Fingerslan Yubikey version 2 can have two configurations, so you can keep the OTP capability and add another configuration for a static password. Which password you get depends on how long you press the Yubikey button: <2 seconds or ~5 seconds distinguishes them.
@YubiKey Hi there. Is it possible to have the yubikey doing the static password thingie for truecrypt AND still do OTP for the likes of lastpass and other services like that at the same time ? Thanks.
Superb stuff, well done yubico and well done SecurityNow for letting me know about this great product. One problem, I spent ages searching the net thinking it was "ubikey"
Excellent, I would also recommend putting that in your website's SEO aswell, thats where I had the most trouble, actually finding the correct site to purchase from. All the best, Ashley.
You should only use this method if you manually input a 4+ digit PIN at the end and not rely on just the YubiKey as it can be stolen/seized or key stolen off it.
bradbeckett 1 year ago 5
instead of kidnap you and torture you, ID theft now target ur yubikey for accessing your hibernate laptop. :)
dt9394 2 years ago
Ok, I´m confused.... YubiKey should generate "password" like {static-user-'key'}+some randomness therefor the outcome would be different everything but you cant use it as password then, or is it build into truecrypt already???
Long story short - how? :)
iisonly 3 years ago
The YubiKey usually generates a "one time password" that is validated against our servers and is very secure. However, for pre-boot disk encryption, there is no access to the server. So we have a free software program that allows you to re-program your YubiKey with a random 44 character static password. Not as strong as an OTP - the static key is great for TrueCrypt (that needs the same password every time) - because it is so simple to use and yet has 176 bits of entropy (randomness). John
YubiKey 2 years ago
Yeah, cool, found out it like 5-10 minutes after - did some googling :)
but thanks for replying, i think that i wasn't the first to hear about so late :)
iisonly 2 years ago
Hi, John:
does it mean that once yubikey was converted to a static password for Truecrypt, it will not have OTP to be validated against our SSL VPN server?
Fingerslan 2 years ago
@Fingerslan Yubikey version 2 can have two configurations, so you can keep the OTP capability and add another configuration for a static password. Which password you get depends on how long you press the Yubikey button: <2 seconds or ~5 seconds distinguishes them.
jbusco 10 months ago
@YubiKey Hi there. Is it possible to have the yubikey doing the static password thingie for truecrypt AND still do OTP for the likes of lastpass and other services like that at the same time ? Thanks.
gheatza 10 months ago
Superb stuff, well done yubico and well done SecurityNow for letting me know about this great product. One problem, I spent ages searching the net thinking it was "ubikey"
ashcaw 3 years ago 4
Thank you for this - we will add "ubikey" to our keyword list tomake it easier to find us!
John.
YubiKey 3 years ago
Excellent, I would also recommend putting that in your website's SEO aswell, thats where I had the most trouble, actually finding the correct site to purchase from. All the best, Ashley.
ashcaw 3 years ago