Rgbeard
En-Route
- Joined
- Aug 26, 2017
- Messages
- 4,294
- Location
- Phoenix, AZ and Ensenada, Mexico
- Display Name
Display name:
rgbeard
Yet, I seem to spend as much time signing in-and-out of it as I did other crap.
Dunno why the online world can't just move to USB tokens and be done with it.
Sounds great -- another small thing for me to lose, and another adapter to carry around for my phone. Sign me up!Dunno why the online world can't just move to USB tokens and be done with it.
Maybe because plenty of devices don't have USB ports, and lots of the ones that do have the USB ports disabled by security policy.Dunno why the online world can't just move to USB tokens and be done with it.
Dunno why the online world can't just move to USB tokens and be done with it.
Because they can be stolen and your authentication is now easily misused.
Maybe because plenty of devices don't have USB ports, and lots of the ones that do have the USB ports disabled by security policy.
Yeah, but how many of them are upstream ports and/or OTG?That's funny, because I've got maybe a dozen computing devices in my house, and every single one has either a USB or lightning port.
Yeah, but how many of them are upstream ports and/or OTG?
Sounds great -- another small thing for me to lose, and another adapter to carry around for my phone. Sign me up!
My primary yubikey rides on my keyring. I don't notice the thing.
Impressive. I've got a half dozen devices that are upstream-only. The ones that are OTG have pretty strict requirements on who/what they will talk to.Dunno, but my USB security key works in all of them.
That's funny, because I've got maybe a dozen computing devices in my house, and every single one has either a USB or lightning port.
My last three company issued laptops had the USB ports disabled as well.When I was working with the USAF, every single USAF computer had one or more USB port, and every single one had the USB port(s) disable by security policy applied to the computer.
When I was working with the USAF, every single USAF computer had one or more USB port, and every single one had the USB port(s) disable by security policy applied to the computer.
Personally, I have no objection to authentication hardware factors for high-security environments (I've used RSA key generators for consulting with the US government, myself), but I don't think it will ever take off with the general public.Every single one also had a smart card reader for PKI login via CAC or external PKI, which has been DoD policy since 2011.
Mobile phones can be configured as authorization keys themselves, so no adapters are necessary.Like everyone else, I've also lost hours of my life at meetings and conferences waiting for Macbook users to find someone with an HDMI adapter for their laptops to connect to the projector, because they invariably have lost or forgotten theirs. I also remember how much casual users have hated having to use any software that required a physical device as a license key all the way back to the 1980s (when they typically plugged into parallel ports). And finally, we increasingly access the web via phones and tablets, so USB authorisation keys would require not just carrying around a USB key, but also the right adapter (old iOS, new iOS, USB-C, micro USB, etc).
Granted, but then you get into the privacy concerns about MIN/MSIN. It's true that most users aren't aware of how many apps already exploit that, but with an authentication key it will be starting them right in the face. It's possible there will be some big disruptive shift that makes this happen, but it's been too many decades for me to have much confidence any more (hardware-based authentication for every(wo)man has been "right around the corner" since the late 1980s).Mobile phones can be configured as authorization keys themselves, so no adapters are necessary.