I had been looking at Yubikeys, but was put off a bit by two things:KeePass has two variants on desktop platforms. There is the traditional KeePass program (currently version 2.57.1) based on Microsoft application development stack. There is a also a fork of KeePass, called KeePassXC. KeePassXC has similar capabilities, but it is more portable to Linux.
Theoretically speaking TOTP codes should not be managed by your password manager, since it would merge your second factor into the same password database. Thus compressing it to a single factor again. I prefer to manage my second factor with a Yubico Authenticator. I have one primary hardware key, and a backup hardware key. The backup hardware key should be stored in a safe deposit box.
1. Cost. At $50 apiece that's $100 for a primary and backup key. That seems a bit excessive.
2. Reliability/durability. Some people -- I think both here and on Amazon -- reported that Yubikey stopped working when the warranty expired. Also, the version I'd get -- the one to work with USB-A ports -- looks like those cheap Chinese flashdrives --- you know, the ones with the gold stripes on the outside. I got burned buying some of those. If the Yubikey looked more like a SanDisk flash drive, I'd have more faith in its reliability.
I will look at KeePassXC. The version of Keepass in my Linux repository was not compatible with the TOTP plug-in. It looks, overall, like KeePass is more oriented towards Windows.
Statistics: Posted by roamingzebra — Sat Oct 12, 2024 12:29 am