Hacker News new | past | comments | ask | show | jobs | submit login

It's just another layer on top of an already well built crypto system.

It can prevent someone that gains physical access to your yubikey from easily using the device. It might not stop a very advanced attacker, but it at least makes things more difficult.




Didn't the password do that already? The one that can be changed?


No. Passwords can be phished. Even password+OTP has proven to be weak. This cannot be phished, and it’s far more user-friendly.

The fingerprint is not a password replacement. The yubikey is a password replacement. The fingerprint prevents a random person from using your yubikey before you notice that it’s gone and you revoke it.


Passwords can be used from anywhere. Keys cannot. That is the attack this blocks.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: