LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora accepting YubiKey one-time passwords

Fedora accepting YubiKey one-time passwords

Posted Oct 15, 2010 10:46 UTC (Fri) by rwmj (subscriber, #5474)
Parent article: Fedora accepting YubiKey one-time passwords

It works really well for me:

http://rwmj.wordpress.com/tag/yubikey/

Now if only I could persuade my bank to use a OTP / secure key setup instead of the completely useless (and *actively* insecure) "Verified by Visa" system.

(Log in to post comments)

Fedora accepting YubiKey one-time passwords

Posted Oct 17, 2010 7:11 UTC (Sun) by sitaram (subscriber, #5959) [Link]

For people wishing they could use this for banking, this sort of device cannot prevent a complete MITM attack. Bruce Schneier is fond of saying that the server must validate the *transaction*, not the user. Yubikey can't do that because it can't incorporate any transaction info in the generated output.

The problem with doing that is form factor. The most convenient I have read about so far is the EMUE card -- haven't seen it in action anywhere, but it looks nice, and I'm sure there are others like it.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds