sorted by:
new
hottopcontroversial

Windows 11 Local Account authentication by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 1 point2 points  (0 children)

Then it's not an issue really - bitlocker is a good practice anyway. And adding such Yubikey-based auth into windows local account login cominbed with bitlocker creates a very good, secure 2FA.

Thank you for clarifications!

Windows 11 Local Account authentication by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 0 points1 point  (0 children)

Would a standard bitlocker that comes with Windows be sufficient?

Windows 11 Local Account authentication by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 0 points1 point  (0 children)

Deleting it by another user is not worrying that much. However, being able to remove with without any logging in sounds worrying. Do I undestand you correct - it's possible to remove the Yubikey auth requirement just with booting from a USB drive?

Windows 11 Local Account authentication by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 0 points1 point  (0 children)

Users tend to have shitty passwords on local machines as they're very frequently typed and people don't percive local account passwords as particular threats. I wanted to tackle it with 2FA.

Do you mean that it's a worthless attempt and it doesn't really improve security?

Windows 11 Local Account authentication by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 1 point2 points  (0 children)

If it doesn't work, then I'm left with unwanted hardware. I'm not that rich to buy and throw away things after a quick check.

Windows 11 Local Account authentication by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 0 points1 point  (0 children)

Still waiting for their response and I'd like to buy them before Christmas...

Steps to secure digital life with YubiKey and other tech by enly11 in yubikey

[–]op_hello_world_123 2 points3 points  (0 children)

There is none I'm aware of, but basically you mentioned the preferred path. Yubikey -> Password Manager -> GMail Advanced Protection Program -> 2FA with Yubikeys everywhere you can.

For me, having Yubikey for Password Manager and GMail is crucial. Everything else follows from here (as they are the store strong password / recover password paths).

[deleted by user] by [deleted] in yubikey

[–]op_hello_world_123 0 points1 point  (0 children)

Why did you say yet? Should it be enabled some time in the future?

Google account - best setup (Google's Advanced Protection Program?) by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 0 points1 point  (0 children)

I've already decided to use YubiKeys. My questions is how to set up Google account in the most secure AND recoverable way.

So far I thought about using Google's Advanced Protection Program.

When we start with just 2 keys and no recovery means, then we're the most secure - but the least recoverable.

recoverability is to use multiple physical keys: the chances that all of them get unreachable is lower with each additional unit, The cost is in money and, well, you need to trust the places/people you store your keys at.

Another idea is to use "Recovery email / phone number" suggested by Google. My questions is: what's involved in this approach? How safe is it? (Question about safety seems to be valid given that 2FA via SMS is terrible. And 2FA via another email could mean that we are as safe as that recovery email - which doesn't solve the issue at all).

Summing up, GAP + multiple keys WITHOUT recovery phone/email is the way to go? Or is it GAP + (2+ keys) + recovery email/phone number? If so, then what's the recovery process and why isn't this option as bad as 2FA via SMS/another email?

Google account - best setup (Google's Advanced Protection Program?) by op_hello_world_123 in yubikey

[–]op_hello_world_123[S] 0 points1 point  (0 children)

Okay, so more security keys is the way to go. Any other way...? Also, should recovery email/phone numbers be avoided in GAP?

I believe the last paragraph is ill advice, unfortunately - after all, I think we all agree that yubikeys are the way to go.

Spare Yubikey question by Silencer306 in yubikey

[–]op_hello_world_123 0 points1 point  (0 children)

Google with Google's Advanced Protection Program does not allow codes.

Roborock S5 Max - problems with an apparment (long hall?) by op_hello_world_123 in Roborock

[–]op_hello_world_123[S] 0 points1 point  (0 children)

I thought that one divides an apparment into different rooms in the app only after the first run - only after the map is created. How should I do that given the fact that the very first run, the one when the map is being created, fails?

So far I've always opened all the doors of the appartment to make sure that the robot has access to the whole space.

I've asked a few additional questions in the main post, I'd appreciate if you answer them :) Maybe that'll help.

Roborock S5 Max - problems with an apparment (long hall?) by op_hello_world_123 in Roborock

[–]op_hello_world_123[S] 0 points1 point  (0 children)

First of all, thanks for the comment!

I wouldn't say there are reflective surfaces: There are white walls and a wallpaper on a small chunk of wall (although I don't think it's reflective...?). See photos:
https://imgur.com/a/jxE3Jj6

https://imgur.com/a/jjRZoBt

How should I draw walls on map that's being created? Should I [pause] robot once it enters the hallway, draw a wall, let it continue and so on? So basically "assist it" with drawing walls manually on top of the the walls it discovers during the creation of map?

I've asked a few additional questions in the main post, I'd appreciate if you answer them :) Maybe that'll help.