Comments on: Two Weeks With The Yubikey Linux. GNU. Freedom. Sun, 13 May 2018 18:21:35 +0000 hourly 1 By: Aaron Toponce Mon, 21 Oct 2013 18:01:30 +0000 You can install the Yubikey server on your own instance, for all your personal stuff. And it supports Challenge/Response for anything local (workstation login, SSH keys, etc). Further, you can configure the ports to work in static password mode, which will send static strings. This is great for two-factor authentication in all password form fields.

By: Dave Fri, 18 Oct 2013 21:48:50 +0000 Ive used my Yubi Key for a few weeks now and Ill be honest I don't think it works well. I haven't been able to get it to work with Gmail even with they Yubi key application and the sites that have yubi integration dont seem to work OR they allow you to enter the site with your user name and password regardless of whether or not you have any level of Yubi auth enabled. It seems useless to me unless you use it with LastPass which seems to be the only reliable and working application and site that works with Yubi seamlessly.

By: argo Wed, 15 May 2013 09:11:43 +0000 I forgot to mention passpack

stores up to 100 passwords in the free account and supports two-factor authentication both with the yubikey or with your email. Actually I'm evaluating it even if I own much more passwords ( : solved with 2 accounts? 1 for light accounts and the other for accounts dealing with money as for your bank or paypal account? don't know).

By: argo Wed, 15 May 2013 08:50:17 +0000 Hi aaron,

the keepassdroid solution is attractive, but it depends on how you use it. Keys used to decrypt could be stolen if kept on the phone or even in the cache of the downloads and keyloggers are active on android too (actually don't know about screenloggers), so the good solution would be implementation of OTP from yubikey (or key pushing) on keepassdroid too...but again you need to keep always the phone and the yubikey always with you.
At the moment I use keepass on my old nokia (java without fast data connection except for the classic GSM), and doubt about moving to a smartphone depends on this too.

By: kalos Tue, 04 Dec 2012 08:55:40 +0000 Just use yubikey with a service like
I use both from 1 year.

By: lol Sun, 11 Nov 2012 15:32:35 +0000 Just checking whether recognises Windows 95 and IE 5.

By: rubiojr Sun, 11 Nov 2012 10:22:28 +0000 Hey Aaron, thanks for sharing.

I did the experiment too (because I read the first part of the article and I had a yubikey). Reached the same conclusion.

I'm always wearing my android phone with keepassdroid, much more comfortable, always available and you can copy/paste easily and sync with the laptop database.

By: anonymous Sun, 11 Nov 2012 05:29:03 +0000 Thanks for those insights. I'm also on Dvorak (German Type II).

"The way I am managing my passwords is a lot of work."
I've been using pwdhash for a few years now:
* No need to store a file anywhere
* You only need to remember one password if you are lazy
* Different passwords on every website