Hey everyone,

I am currently using an old(er) HYPERSECU FIDO key, USB-A with a button, and I am looking to

  • secure my phone as well (NFC) and, if possible
  • add biometric authentication to the mix.

Are there good alternatives or better: upgrades to the YubiKey which do support NFC as well as biometrics and come with a USB-C?

Thanks for your time 👋

  • dog@suppo.fi
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    11 months ago

    The issue with onlykey is the static key placement. Trezor for example randomizes key positions, so even if someone gets the key, they won’t be able to guess the PIN based on greasemarks and such.

    Also more resistant to over-the-shoulder spying.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      11 months ago

      The trezor looks cool, but it’s a bit bulky to put on a key ring. I wouldn’t want to carry it around as my second factor.

      The benefit of external factors, like a fingerprint reader, like an external pin input is that a compromised computer doesn’t get the something you know.

      • dog@suppo.fi
        link
        fedilink
        arrow-up
        2
        ·
        11 months ago

        It’s a question of what your privacy/security model is. I currently use Yubikey + Bitwarden with a strong main password. If I had to be paranoid, I’d sacrifice convenience for security, and carry a Trezor around.

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          11 months ago

          Personally I think the yubikey fingerprint hardware key plus bit warden is an excellent combination even if you need to be very paranoid.