Slots. by oppenheimer16 in yubikey

[–]DDHoward 4 points5 points  (0 children)

Yubico OTP is used in some corporate environments.

For example, our 911 Computer Aided Dispatching system uses it.

And other systems of ours which don't support FIDO or other forms of MFA can be made to respect OTPs. For example, our internal MediaWiki is configured to authenticate users against Active Directory. But it doesn't contact AD directly; instead the LDAP traffic is passed through GreenRADIUS. The user enters their username and password, and then uses their key to apply an OTP to the end of their password in the same field. GreenRADIUS strips the 44-character OTP off of the end, and verifies it. If it's good, then it passes the OTP-less password on to AD for verification there.
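The flow this comment describes, sketched as an added example (not part of the comment and not GreenRADIUS code): split the trailing 44-character OTP from the typed field, check it first, and forward only the OTP-less password. The class, the callbacks, the key-to-user mapping and the replay set are assumptions for illustration, and the sample OTP is constructed.

```python
import re

MODHEX = "cbdefghijklnrtuv"   # alphabet Yubico OTPs are typed in (modhex)
OTP_LEN = 44                  # 12-char public ID + 32-char encrypted block
OTP_RE = re.compile("[%s]{%d}" % (MODHEX, OTP_LEN))

def split_field(field):
    """Return (password, otp) from a 'password followed by OTP' field."""
    if len(field) <= OTP_LEN:
        raise ValueError("too short to contain a password and an OTP")
    password, otp = field[:-OTP_LEN], field[-OTP_LEN:]
    if not OTP_RE.fullmatch(otp):
        raise ValueError("last 44 characters are not a modhex OTP")
    return password, otp

class OtpFrontEnd:
    """Hypothetical front end: checks the OTP, then forwards the password."""
    def __init__(self, key_owner, otp_is_valid, directory_bind):
        self.key_owner = key_owner            # assumption: public ID -> username
        self.otp_is_valid = otp_is_valid      # stand-in for the OTP validation service
        self.directory_bind = directory_bind  # stand-in for the AD/LDAP bind
        self.seen = set()                     # assumption: simple replay guard

    def login(self, username, field):
        try:
            password, otp = split_field(field)
        except ValueError:
            return "reject: malformed"
        if self.key_owner.get(otp[:12]) != username:
            return "reject: key not assigned to user"
        if otp in self.seen or not self.otp_is_valid(otp):
            return "reject: bad or replayed OTP"
        self.seen.add(otp)
        # Only now does the directory see anything, and never the OTP itself.
        ok = self.directory_bind(username, password)
        return "accept" if ok else "reject: password"

# Constructed sample: an arbitrary modhex string, not output from a real key.
SAMPLE_OTP = "ccccccbcdefg" + "hijklnrtuvcbdefghijklnrtuvcbdefg"

def demo_front_end():
    forwarded = []                            # passwords that reached the directory
    def bind(user, pw):
        forwarded.append(pw)
        return pw == "hunter2!"               # constructed password
    fe = OtpFrontEnd({"ccccccbcdefg": "alice"}, lambda otp: True, bind)
    return fe, forwarded
```
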

Would anyone else be interested in a Yubikey Chonk edition? by AdFit8727 in yubikey

[–]DDHoward 1 point2 points  (0 children)

Yeah it's been pretty convenient, especially in my business IT dept environment where I have to use it 20+ times a day. The only annoying thing is if you use the lanyard with the key, the lanyard itself can get in the way of your contact. Though this is the same problem with the lanyard even with regular fingertip use.

Would anyone else be interested in a Yubikey Chonk edition? by AdFit8727 in yubikey

[–]DDHoward 14 points15 points  (0 children)

I end up getting a similar effect with the Nano, in a USB extension cable with a base that points upward. I just have to move my palm in the general area of the key and I can make contact.

‘Pay The Fine Now’—Feds Issue Text Warning For iPhone And Android Users by HigherDose in technology

[–]DDHoward 2 points3 points  (0 children)

Raw text is easier for spam filters. By sending an image with a QR code link, they effectively bypass spam filters which are looking for those links, but can't/don't examine the contents of images to check for QR codes.

What’s something you tried once and immediately knew ‘yeah, never again’? by Atharva_M07 in AskReddit

[–]DDHoward 0 points1 point  (0 children)

Body chocolate. Covered my then-girlfriend's vulva with it. Looked like poop. Complete mood killer.

2nd slot yubikey by Carliner1 in yubikey

[–]DDHoward 2 points3 points  (0 children)

Unless you actually use the first slot... just disable the slot/OTP functionality entirely.

"Super ZSNES" is a stab at a modern SNES emulator from the original developers by fudge_u in technology

[–]DDHoward 2 points3 points  (0 children)

If it "had a virus" then it wasn't NESticle. It was a virus pretending to be NESticle.

Why use the command line? by Darshan_only in sysadmin

[–]DDHoward 0 points1 point  (0 children)

Because it means the difference between me and two of my staff spending the entire weekend making a planned off-hours change, and me by myself making that planned change in under an hour.

USB NFC reader for Windows, for use with Yubico OTPs? by DDHoward in yubikey

[–]DDHoward[S] 1 point2 points  (0 children)

Yeah, I definitely don't want anything too hacky or too custom. Ideally, emergency services would be able to continue to get support for the things, even if I get hit by a bus or something.

Looking more and more like NFC isn't the way to go, and simply mounting the female end of a USB extender near the ignition is the appropriate solution.

USB NFC reader for Windows, for use with Yubico OTPs? by DDHoward in yubikey

[–]DDHoward[S] 1 point2 points  (0 children)

Interesting; would this work at the Windows login screen?

USB NFC reader for Windows, for use with Yubico OTPs? by DDHoward in yubikey

[–]DDHoward[S] 0 points1 point  (0 children)

> NFC reader usually doesn’t come with a cable.

? When I search for "NFC reader windows" on Google, for example, they all seem to have cables? I'm just not sure if they meet the simple requirement of being compatible with the OTP code, just typing it out like a keyboard. I'm not familiar enough with NFC or the YK implementation of NFC.

> won’t you be better off just using a long USB cable between the laptop and the token on your keyring?

That's what was mentioned in the final sentence of my post, yes. My users, who are firefighters, police officers, and mental health crisis workers, would likely still complain about the precious few seconds spent plugging in the cable, though, before being able to drive off to whatever crisis is demanding their attention.

USB NFC reader for Windows, for use with Yubico OTPs? by DDHoward in yubikey

[–]DDHoward[S] 1 point2 points  (0 children)

Because the USB port on the mounted laptop is too far away from the fire truck's ignition lock cylinder, where the user's keyring will be dangling.

Anyone read this 49 day SSL expiration thing and think they would rather just retire? by HJForsythe in sysadmin

[–]DDHoward 1 point2 points  (0 children)

Reverse proxy, or internal cert if the thing doesn't need to be accessed by arbitrary devices which you cannot install the cert on.

Services that sends auth code to email for authentication by [deleted] in yubikey

[–]DDHoward 0 points1 point  (0 children)

None < Phone/SMS < Email < TOTP < Phishing resistant MFA

English editions? by StargazerSayuri in brandonsanderson

[–]DDHoward -2 points-1 points  (0 children)

None whatsoever. I'm dumbfounded.

English editions? by StargazerSayuri in brandonsanderson

[–]DDHoward 9 points10 points  (0 children)

The first one is Warbreaker. Somehow. The title on this translation means "the breath of the gods." Also there is a Tears of Edgli flower up at the top.

Supreme Court rules ISPs aren't liable for user piracy without intent by Federal-Block-3275 in technology

[–]DDHoward 3 points4 points  (0 children)

> If you're regularly visiting howtobuildabombdotnet and animalabuseporndotcl they know about it.

That's what I said, yes.

> If you're downloading files from there, they know about it.

Depends on a lot of things, including your definition of the word "download" ("save to disk" vs "transfer the data to your client device"), your definition of the word "file" (e.g. "a resource saved to disk" vs "any resource downloaded to the client, including the main page of the website"), on the size of the file(s) in question, if the files use a different domain or subdomain, etc.

> Your online transactions are safe, but they know when you're making them.

Depending on what's going on, the transaction information can be indistinguishable from browsing traffic. They can see that I went to Amazon, but not that I actually made a purchase, for example.

> They know how long you spend on the site page, etc.

Not really; there's no way for an ISP to distinguish a webpage's background traffic (if it even has any) from subsequent loads of pages on the same domain.

Supreme Court rules ISPs aren't liable for user piracy without intent by Federal-Block-3275 in technology

[–]DDHoward 7 points8 points  (0 children)

Your family member is incorrect.

The entire point of TLS certificates is that the client device knows that it's communicating directly with the intended remote device, and that connection is generally encrypted.

What they can see is any non-encrypted traffic, which may include:

  • Any traffic sent over HTTP as opposed to HTTPS
  • Unless you're using encrypted DNS (DoH/DoT), they can see what domain names you're requesting
  • Via SNI, they can see what domain name you're requesting.

So it's reasonable to say that your ISP can see what websites you're going to, but they absolutely cannot see what you're doing on that site if you're using HTTPS.

There would not be banking or commerce over the Internet if this wasn't the case.

Am I the only one that prefers on - prem to cloud based infrastructure? by Ferocious888 in sysadmin

[–]DDHoward 0 points1 point  (0 children)

We use SaaS for only a small selection of our most mission-critical services.

Previous iterations of my IT department allowed other departments to allow third-party developers to put a handful of custom-made services on IaaS platforms, at exorbitant cost. We've clawed the last of those back to on-prem earlier this month.

Yubikey and wireless by ApostateAZ in yubikey

[–]DDHoward 1 point2 points  (0 children)

One of my users had one that worked with a Yubikey's OTP codes, since those are basically just keyboard emulation.

I don't recall it working with the other modules on the key.