Re: crypto frobs

[Rob Seastrom]

> On Mar 23, 2020, at 8:48 PM, William Herrin  wrote:

>> If they *do* steal both,
>> they can bruteforce the SSH passphrase, but after 5 tries of guessing
>> the Yubikey PIN it self-destructs.
> 
> What yubikey are you talking about? I have a password protecting my
> ssh key but the yubikeys I've used (including the FIPS version) spit
> out a string of characters when you touch them. No pin.

https://www.yubico.com/products/identifying-your-yubikey/ 


The (presumably) Yubico OTP/OATH/HOTP string from a Yubikey that you may have 
picked up six years ago on a lark  doesn’t even begin to scratch the surface.

The integration with FIDO2 in the low-end models in OpenSSH 8.2 in particular 
is very spiffy (and not to be confused with PIV or OpenPGP mode.

-r

Re: crypto frobs

[John Kinsella]

To give it a mention, I’m a big fan of Duo Security. Auth requests are sent 
out-of-band to an authenticated app on your mobile device, you verify the 
request, then that’s sent back to the duo server and then to the requestor. 
I’ve used it with ssh and radius and it worked well.

Microsoft’s Authenticator app is interesting - a number is displayed in the app 
you’re trying to authenticate to, and you have to pick the same number in the 
app to prove before the app authenticates the request…but I don’t see that tech 
as being adopted by the networking folks...

In the end it comes down to what you need to secure, and how much effort you’re 
going to put into it. A yubikey/etc mitigates a risk of credential theft in a 
cheap, portable way that is frequently Good Enough.

John 

> On Mar 24, 2020, at 2:55 AM, John Covici  wrote:
> 
> How about a new technology I have heard about called sqrl.  See
> https://sqrl.grc.com for more information.  It overcomes a lot of the
> problems discussed here.
> 
> On Mon, 23 Mar 2020 22:22:18 -0400,
> Michael Loftis wrote:
>> 
>> [1  ]
>> On Mon, Mar 23, 2020 at 20:08 Michael Loftis  wrote:
>> 
>>> 
>>> 
>>> On Mon, Mar 23, 2020 at 18:50 William Herrin  wrote:
>>> 
 On Mon, Mar 23, 2020 at 5:16 PM Warren Kumari  wrote:
> Well, yes and no. With a Yubiikey the attacker  has to be local to
> physically touch the button[0] - with just an SSH key, anyone who gets
> access to the machine can take my key and use it. This puts it in the
> "something you have" (not something you are) camp.
 
 Hi Warren,
 
 They're both "something you have" factors. The yubi key proves
 possession better than the ssh key just like a long password proves
 what-you-know better than a 4-digit PIN. But the ssh key and the yubi
 key are still part of the same authentication factor.
 
 
> Not really -- if an attacker steals my laptop, they don't have the
> yubikey (unless I store it in the USB port).
 
 You make a habit of removing your yubi key from the laptop when nature
 calls? No you don't.
 
 
> If they *do* steal both,
> they can bruteforce the SSH passphrase, but after 5 tries of guessing
> the Yubikey PIN it self-destructs.
 
 What yubikey are you talking about? I have a password protecting my
 ssh key but the yubikeys I've used (including the FIPS version) spit
 out a string of characters when you touch them. No pin.
 
>>> 
>>> The yubikey does many things depending on how it’s configured. None of
>>> mine use the touch to spit out OTP mode, that is the factory mode though
>>> yes. Other modes can be password protected (it uses the PIN nomenclature
>>> which is confusing, it definitely accepts ASCII and nay even take binary
>>> data as a PIN depending on mode of operation) — it can present as industry
>>> standard smart card ( I have one with a pin/password for code signing in
>>> Visual Studio f/ex...along with a backup kept locked elsewhere)
>>> 
>> 
>> 
>> Replying to myself to clarify a bit... the PKI/SSL private keys are on the
>> Yubikey, password protected, signing is accomplished by VS passing the bits
>> to be signed to the smart card application on the yubikey, which requires a
>> password to enable/unlock. On the yubikey Depending on configuration this
>> is a just once operation typically. So each signing op requires a password
>> entry. But it could be configured diffferebtly. By only keeping the private
>> keys on the yubikey it’s something you have (the yubikey) and something you
>> know (the password)... the yubikey (barring software bugs obviously) will
>> not expose the private key, it only does the signing op.
>> 
>> That same yubikey has a separate app and trust store in OpenGPG mode, which
>> does signing for ssh pubkey auth, with a different private key. Same key
>> also does FIDO, another application with another key store.
>> 
>> The same key doing all that could also have a “long touch” to spit out an
>> OTP.
>> 
>> 
>> 
 Regards,
 Bill Herrin
 
 
 --
 William Herrin
 b...@herrin.us
 https://bill.herrin.us/
 
>>> --
>> 
>> "Genius might be described as a supreme capacity for getting its possessors
>> into trouble of all kinds."
>> -- Samuel Butler
>> [2  ]
> 
> -- 
> Your life is like a penny.  You're going to lose it.  The question is:
> How do
> you spend it?
> 
> John Covici wb2una
> cov...@ccs.covici.com

Re: crypto frobs

[Tom Beecher]

>
> What yubikey are you talking about? I have a password protecting my
> ssh key but the yubikeys I've used (including the FIPS version) spit
> out a string of characters when you touch them. No pin.
>

PIV enabled ones have pins if you are using that functionality.

On Mon, Mar 23, 2020 at 8:51 PM William Herrin  wrote:

> On Mon, Mar 23, 2020 at 5:16 PM Warren Kumari  wrote:
> > Well, yes and no. With a Yubiikey the attacker  has to be local to
> > physically touch the button[0] - with just an SSH key, anyone who gets
> > access to the machine can take my key and use it. This puts it in the
> > "something you have" (not something you are) camp.
>
> Hi Warren,
>
> They're both "something you have" factors. The yubi key proves
> possession better than the ssh key just like a long password proves
> what-you-know better than a 4-digit PIN. But the ssh key and the yubi
> key are still part of the same authentication factor.
>
>
> > Not really -- if an attacker steals my laptop, they don't have the
> > yubikey (unless I store it in the USB port).
>
> You make a habit of removing your yubi key from the laptop when nature
> calls? No you don't.
>
>
> > If they *do* steal both,
> > they can bruteforce the SSH passphrase, but after 5 tries of guessing
> > the Yubikey PIN it self-destructs.
>
> What yubikey are you talking about? I have a password protecting my
> ssh key but the yubikeys I've used (including the FIPS version) spit
> out a string of characters when you touch them. No pin.
>
> Regards,
> Bill Herrin
>
>
> --
> William Herrin
> b...@herrin.us
> https://bill.herrin.us/
>

Re: crypto frobs

[John Covici]

How about a new technology I have heard about called sqrl.  See
https://sqrl.grc.com for more information.  It overcomes a lot of the
problems discussed here.

On Mon, 23 Mar 2020 22:22:18 -0400,
Michael Loftis wrote:
> 
> [1  ]
> On Mon, Mar 23, 2020 at 20:08 Michael Loftis  wrote:
> 
> >
> >
> > On Mon, Mar 23, 2020 at 18:50 William Herrin  wrote:
> >
> >> On Mon, Mar 23, 2020 at 5:16 PM Warren Kumari  wrote:
> >> > Well, yes and no. With a Yubiikey the attacker  has to be local to
> >> > physically touch the button[0] - with just an SSH key, anyone who gets
> >> > access to the machine can take my key and use it. This puts it in the
> >> > "something you have" (not something you are) camp.
> >>
> >> Hi Warren,
> >>
> >> They're both "something you have" factors. The yubi key proves
> >> possession better than the ssh key just like a long password proves
> >> what-you-know better than a 4-digit PIN. But the ssh key and the yubi
> >> key are still part of the same authentication factor.
> >>
> >>
> >> > Not really -- if an attacker steals my laptop, they don't have the
> >> > yubikey (unless I store it in the USB port).
> >>
> >> You make a habit of removing your yubi key from the laptop when nature
> >> calls? No you don't.
> >>
> >>
> >> > If they *do* steal both,
> >> > they can bruteforce the SSH passphrase, but after 5 tries of guessing
> >> > the Yubikey PIN it self-destructs.
> >>
> >> What yubikey are you talking about? I have a password protecting my
> >> ssh key but the yubikeys I've used (including the FIPS version) spit
> >> out a string of characters when you touch them. No pin.
> >>
> >
> > The yubikey does many things depending on how it’s configured. None of
> > mine use the touch to spit out OTP mode, that is the factory mode though
> > yes. Other modes can be password protected (it uses the PIN nomenclature
> > which is confusing, it definitely accepts ASCII and nay even take binary
> > data as a PIN depending on mode of operation) ― it can present as industry
> > standard smart card ( I have one with a pin/password for code signing in
> > Visual Studio f/ex...along with a backup kept locked elsewhere)
> >
> 
> 
> Replying to myself to clarify a bit... the PKI/SSL private keys are on the
> Yubikey, password protected, signing is accomplished by VS passing the bits
> to be signed to the smart card application on the yubikey, which requires a
> password to enable/unlock. On the yubikey Depending on configuration this
> is a just once operation typically. So each signing op requires a password
> entry. But it could be configured diffferebtly. By only keeping the private
> keys on the yubikey it’s something you have (the yubikey) and something you
> know (the password)... the yubikey (barring software bugs obviously) will
> not expose the private key, it only does the signing op.
> 
> That same yubikey has a separate app and trust store in OpenGPG mode, which
> does signing for ssh pubkey auth, with a different private key. Same key
> also does FIDO, another application with another key store.
> 
> The same key doing all that could also have a “long touch” to spit out an
> OTP.
> 
> 
> 
> >> Regards,
> >> Bill Herrin
> >>
> >>
> >> --
> >> William Herrin
> >> b...@herrin.us
> >> https://bill.herrin.us/
> >>
> > --
> 
> "Genius might be described as a supreme capacity for getting its possessors
> into trouble of all kinds."
> -- Samuel Butler
> [2  ]

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici wb2una
 cov...@ccs.covici.com

Re: crypto frobs

[Michael Loftis]

On Mon, Mar 23, 2020 at 20:08 Michael Loftis  wrote:

>
>
> On Mon, Mar 23, 2020 at 18:50 William Herrin  wrote:
>
>> On Mon, Mar 23, 2020 at 5:16 PM Warren Kumari  wrote:
>> > Well, yes and no. With a Yubiikey the attacker  has to be local to
>> > physically touch the button[0] - with just an SSH key, anyone who gets
>> > access to the machine can take my key and use it. This puts it in the
>> > "something you have" (not something you are) camp.
>>
>> Hi Warren,
>>
>> They're both "something you have" factors. The yubi key proves
>> possession better than the ssh key just like a long password proves
>> what-you-know better than a 4-digit PIN. But the ssh key and the yubi
>> key are still part of the same authentication factor.
>>
>>
>> > Not really -- if an attacker steals my laptop, they don't have the
>> > yubikey (unless I store it in the USB port).
>>
>> You make a habit of removing your yubi key from the laptop when nature
>> calls? No you don't.
>>
>>
>> > If they *do* steal both,
>> > they can bruteforce the SSH passphrase, but after 5 tries of guessing
>> > the Yubikey PIN it self-destructs.
>>
>> What yubikey are you talking about? I have a password protecting my
>> ssh key but the yubikeys I've used (including the FIPS version) spit
>> out a string of characters when you touch them. No pin.
>>
>
> The yubikey does many things depending on how it’s configured. None of
> mine use the touch to spit out OTP mode, that is the factory mode though
> yes. Other modes can be password protected (it uses the PIN nomenclature
> which is confusing, it definitely accepts ASCII and nay even take binary
> data as a PIN depending on mode of operation) — it can present as industry
> standard smart card ( I have one with a pin/password for code signing in
> Visual Studio f/ex...along with a backup kept locked elsewhere)
>


Replying to myself to clarify a bit... the PKI/SSL private keys are on the
Yubikey, password protected, signing is accomplished by VS passing the bits
to be signed to the smart card application on the yubikey, which requires a
password to enable/unlock. On the yubikey Depending on configuration this
is a just once operation typically. So each signing op requires a password
entry. But it could be configured diffferebtly. By only keeping the private
keys on the yubikey it’s something you have (the yubikey) and something you
know (the password)... the yubikey (barring software bugs obviously) will
not expose the private key, it only does the signing op.

That same yubikey has a separate app and trust store in OpenGPG mode, which
does signing for ssh pubkey auth, with a different private key. Same key
also does FIDO, another application with another key store.

The same key doing all that could also have a “long touch” to spit out an
OTP.



>> Regards,
>> Bill Herrin
>>
>>
>> --
>> William Herrin
>> b...@herrin.us
>> https://bill.herrin.us/
>>
> --

"Genius might be described as a supreme capacity for getting its possessors
into trouble of all kinds."
-- Samuel Butler

Re: crypto frobs

[Michael Loftis]

On Mon, Mar 23, 2020 at 18:50 William Herrin  wrote:

> On Mon, Mar 23, 2020 at 5:16 PM Warren Kumari  wrote:
> > Well, yes and no. With a Yubiikey the attacker  has to be local to
> > physically touch the button[0] - with just an SSH key, anyone who gets
> > access to the machine can take my key and use it. This puts it in the
> > "something you have" (not something you are) camp.
>
> Hi Warren,
>
> They're both "something you have" factors. The yubi key proves
> possession better than the ssh key just like a long password proves
> what-you-know better than a 4-digit PIN. But the ssh key and the yubi
> key are still part of the same authentication factor.
>
>
> > Not really -- if an attacker steals my laptop, they don't have the
> > yubikey (unless I store it in the USB port).
>
> You make a habit of removing your yubi key from the laptop when nature
> calls? No you don't.
>
>
> > If they *do* steal both,
> > they can bruteforce the SSH passphrase, but after 5 tries of guessing
> > the Yubikey PIN it self-destructs.
>
> What yubikey are you talking about? I have a password protecting my
> ssh key but the yubikeys I've used (including the FIPS version) spit
> out a string of characters when you touch them. No pin.
>

The yubikey does many things depending on how it’s configured. None of mine
use the touch to spit out OTP mode, that is the factory mode though yes.
Other modes can be password protected (it uses the PIN nomenclature which
is confusing, it definitely accepts ASCII and nay even take binary data as
a PIN depending on mode of operation) — it can present as industry standard
smart card ( I have one with a pin/password for code signing in Visual
Studio f/ex...along with a backup kept locked elsewhere)

>
> Regards,
> Bill Herrin
>
>
> --
> William Herrin
> b...@herrin.us
> https://bill.herrin.us/
>
-- 

"Genius might be described as a supreme capacity for getting its possessors
into trouble of all kinds."
-- Samuel Butler

Re: crypto frobs

[William Herrin]

On Mon, Mar 23, 2020 at 5:16 PM Warren Kumari  wrote:
> Well, yes and no. With a Yubiikey the attacker  has to be local to
> physically touch the button[0] - with just an SSH key, anyone who gets
> access to the machine can take my key and use it. This puts it in the
> "something you have" (not something you are) camp.

Hi Warren,

They're both "something you have" factors. The yubi key proves
possession better than the ssh key just like a long password proves
what-you-know better than a 4-digit PIN. But the ssh key and the yubi
key are still part of the same authentication factor.


> Not really -- if an attacker steals my laptop, they don't have the
> yubikey (unless I store it in the USB port).

You make a habit of removing your yubi key from the laptop when nature
calls? No you don't.


> If they *do* steal both,
> they can bruteforce the SSH passphrase, but after 5 tries of guessing
> the Yubikey PIN it self-destructs.

What yubikey are you talking about? I have a password protecting my
ssh key but the yubikeys I've used (including the FIPS version) spit
out a string of characters when you touch them. No pin.

Regards,
Bill Herrin


-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: crypto frobs

[Warren Kumari]

On Mon, Mar 23, 2020 at 7:57 PM William Herrin  wrote:
>
> > On 3/23/20 3:53 PM, Sabri Berisha wrote:
> > In my experience, yubikeys are not very secure. I know of someone in my 
> > team who would generate a few hundred tokens during a meeting and save the 
> > output in a text file. Then they'd have a small python script which was 
> > triggered by a hotkey on my macbook to push "keyboard" input. They did this 
> > because the org they were working for would make you use yubikey auth for 
> > pretty much everything, including updating a simple internal Jira ticket.
>
> Meh. Here's a better example of bad:
>
> SSH Key Auth + Yubi key.
>
> This isn't two-factor authentication folks, it's just 1-factor: what
> you have.

Well, yes and no. With a Yubiikey the attacker  has to be local to
physically touch the button[0] - with just an SSH key, anyone who gets
access to the machine can take my key and use it. This puts it in the
"something you have" (not something you are) camp.

> You have an ssh private key. You have a yubi key. Same
> factor. Either one proves you have possession of something only the
> user should have. Proving two does not appreciably change the
> probability that you are you.
>
> For two factor auth, you actually have to use an additional factor.
> Something from the what you know factor (e.g. a password) or the what
> you are factor (e.g. a fingerprint).
>
> Just like a password and a pin isn't two factor. It's exactly the same
> as having a single longer password and subject to the same general
> types of compromise.

Not really -- if an attacker steals my laptop, they don't have the
yubikey (unless I store it in the USB port). If they *do* steal both,
they can bruteforce the SSH passphrase, but after 5 tries of guessing
the Yubikey PIN it self-destructs.
This makes it very different to a longer passphrase.

W
[0]: Yes, obviously an attacker who has root on a machine could trojan
the ssh binary, change the OS to make it play Nyancat through the
speaker, etc... but that's true for any solution...

>
> Regards,
> Bill Herrin
>
> --
> William Herrin
> b...@herrin.us
> https://bill.herrin.us/



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

Re: crypto frobs

[William Herrin]

> On 3/23/20 3:53 PM, Sabri Berisha wrote:
> In my experience, yubikeys are not very secure. I know of someone in my team 
> who would generate a few hundred tokens during a meeting and save the output 
> in a text file. Then they'd have a small python script which was triggered by 
> a hotkey on my macbook to push "keyboard" input. They did this because the 
> org they were working for would make you use yubikey auth for pretty much 
> everything, including updating a simple internal Jira ticket.

Meh. Here's a better example of bad:

SSH Key Auth + Yubi key.

This isn't two-factor authentication folks, it's just 1-factor: what
you have. You have an ssh private key. You have a yubi key. Same
factor. Either one proves you have possession of something only the
user should have. Proving two does not appreciably change the
probability that you are you.

For two factor auth, you actually have to use an additional factor.
Something from the what you know factor (e.g. a password) or the what
you are factor (e.g. a fingerprint).

Just like a password and a pin isn't two factor. It's exactly the same
as having a single longer password and subject to the same general
types of compromise.

Regards,
Bill Herrin

-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: crypto frobs

[Christopher Morrow]

On Mon, Mar 23, 2020 at 7:34 PM George Michaelson  wrote:
>
> I don't see SKEY style OTP lists as inherently bad. "its how you do
> it" which concerns me, not that it is done.
>

trust your users to always ALWAYS find the worst way to use the product.

Note the label on bleach bottles: "Do not lick"
or coffee cups: "Caution: contents hot"
:( I agree that 'consenting adults' can do this properly, it's when people
really want to find their own way thatwe end having this dicsussion :(


> -G
>
> On Tue, Mar 24, 2020 at 9:33 AM Christopher Morrow
>  wrote:
> >
> > On Mon, Mar 23, 2020 at 7:00 PM Michael Thomas  wrote:
> > >
> > > On 3/23/20 3:53 PM, Sabri Berisha wrote:
> > >
> > > Hi,
> > >
> > > In my experience, yubikeys are not very secure. I know of someone in my 
> > > team who would generate a few hundred tokens during a meeting and save 
> > > the output in a text file. Then they'd have a small python script which 
> > > was triggered by a hotkey on my macbook to push "keyboard" input. They 
> > > did this because the org they were working for would make you use yubikey 
> > > auth for pretty much everything, including updating a simple internal 
> > > Jira ticket.
> > >
> >
> > this is not: "yubikey is bad" as much as: "The user using the yubikey is 
> > bad"
> > Admittedly perhaps: "every time new token" sucks, and that's what (I
> > think michael thomas is saying below), but certainly the yubikey could
> > have been used for TOTP instead of HOTP and the user in question would
> > have been out of luck, right? :)
> >
> > Almost all security 'features' are a trade-off between: "get stuff
> > done" and "get stuff done with an extra hop", making the 'extra hop'
> > as simple and natural as possible makes people less likely to do dumb
> > things like:
> >   1) pregen a crapload of tokens, store them on their probably
> > compromised laptop...
> >   2) aim a webcam at their rsa token and watch the change remotely
> >   3) hot-dog and sipping-bird toy to touch the thingy on their yubikey
> > token every X seconds...
> >
> > >
> > > One of the things that got lost in the Webauthn stuff is that passwords 
> > > per se are not bad. It's passwords being sent over the wire. In 
> > > combination with reuse, that is the actual problem. Webauthn supposedly 
> > > allows use of passwords to unlock a local credential store, but it is so 
> > > heavily focused dongles that it's really hard to figure out for a normal 
> > > website that just want to get rid of the burden of  remote passwords.
> > >
> > > Mike

Re: crypto frobs

[George Michaelson]

I don't see SKEY style OTP lists as inherently bad. "its how you do
it" which concerns me, not that it is done.

-G

On Tue, Mar 24, 2020 at 9:33 AM Christopher Morrow
 wrote:
>
> On Mon, Mar 23, 2020 at 7:00 PM Michael Thomas  wrote:
> >
> > On 3/23/20 3:53 PM, Sabri Berisha wrote:
> >
> > Hi,
> >
> > In my experience, yubikeys are not very secure. I know of someone in my 
> > team who would generate a few hundred tokens during a meeting and save the 
> > output in a text file. Then they'd have a small python script which was 
> > triggered by a hotkey on my macbook to push "keyboard" input. They did this 
> > because the org they were working for would make you use yubikey auth for 
> > pretty much everything, including updating a simple internal Jira ticket.
> >
>
> this is not: "yubikey is bad" as much as: "The user using the yubikey is bad"
> Admittedly perhaps: "every time new token" sucks, and that's what (I
> think michael thomas is saying below), but certainly the yubikey could
> have been used for TOTP instead of HOTP and the user in question would
> have been out of luck, right? :)
>
> Almost all security 'features' are a trade-off between: "get stuff
> done" and "get stuff done with an extra hop", making the 'extra hop'
> as simple and natural as possible makes people less likely to do dumb
> things like:
>   1) pregen a crapload of tokens, store them on their probably
> compromised laptop...
>   2) aim a webcam at their rsa token and watch the change remotely
>   3) hot-dog and sipping-bird toy to touch the thingy on their yubikey
> token every X seconds...
>
> >
> > One of the things that got lost in the Webauthn stuff is that passwords per 
> > se are not bad. It's passwords being sent over the wire. In combination 
> > with reuse, that is the actual problem. Webauthn supposedly allows use of 
> > passwords to unlock a local credential store, but it is so heavily focused 
> > dongles that it's really hard to figure out for a normal website that just 
> > want to get rid of the burden of  remote passwords.
> >
> > Mike

Re: crypto frobs

[Christopher Morrow]

On Mon, Mar 23, 2020 at 7:00 PM Michael Thomas  wrote:
>
> On 3/23/20 3:53 PM, Sabri Berisha wrote:
>
> Hi,
>
> In my experience, yubikeys are not very secure. I know of someone in my team 
> who would generate a few hundred tokens during a meeting and save the output 
> in a text file. Then they'd have a small python script which was triggered by 
> a hotkey on my macbook to push "keyboard" input. They did this because the 
> org they were working for would make you use yubikey auth for pretty much 
> everything, including updating a simple internal Jira ticket.
>

this is not: "yubikey is bad" as much as: "The user using the yubikey is bad"
Admittedly perhaps: "every time new token" sucks, and that's what (I
think michael thomas is saying below), but certainly the yubikey could
have been used for TOTP instead of HOTP and the user in question would
have been out of luck, right? :)

Almost all security 'features' are a trade-off between: "get stuff
done" and "get stuff done with an extra hop", making the 'extra hop'
as simple and natural as possible makes people less likely to do dumb
things like:
  1) pregen a crapload of tokens, store them on their probably
compromised laptop...
  2) aim a webcam at their rsa token and watch the change remotely
  3) hot-dog and sipping-bird toy to touch the thingy on their yubikey
token every X seconds...

>
> One of the things that got lost in the Webauthn stuff is that passwords per 
> se are not bad. It's passwords being sent over the wire. In combination with 
> reuse, that is the actual problem. Webauthn supposedly allows use of 
> passwords to unlock a local credential store, but it is so heavily focused 
> dongles that it's really hard to figure out for a normal website that just 
> want to get rid of the burden of  remote passwords.
>
> Mike

crypto frobs

[Michael Thomas]

On 3/23/20 3:53 PM, Sabri Berisha wrote:

Hi,

In my experience, yubikeys are not very secure. I know of someone in 
my team who would generate a few hundred tokens during a meeting and 
save the output in a text file. Then they'd have a small python script 
which was triggered by a hotkey on my macbook to push "keyboard" 
input. They did this because the org they were working for would make 
you use yubikey auth for pretty much everything, including updating a 
simple internal Jira ticket.



One of the things that got lost in the Webauthn stuff is that passwords 
per se are not bad. It's passwords being sent over the wire. In 
combination with reuse, that is the actual problem. Webauthn supposedly 
allows use of passwords to unlock a local credential store, but it is so 
heavily focused dongles that it's really hard to figure out for a normal 
website that just want to get rid of the burden of  remote passwords.


Mike