South Africa On Lockdown - Coronavirus - Update!

Christopher Morrow morrowc.lists at gmail.com
Tue Mar 24 01:31:54 UTC 2020


First, for your whole message:
  s/\s+UBIKEY'/YUBIKEY/g
  s/\s+UBI/YUBI/g

thanks.

On Mon, Mar 23, 2020 at 9:24 PM Owen DeLong <owen at delong.com> wrote:
>
>
>
> On Mar 23, 2020, at 17:24 , Warren Kumari <warren at kumari.net> wrote:
>
> On Mon, Mar 23, 2020 at 8:03 PM Owen DeLong <owen at delong.com> wrote:
>
>
>
>
> On Mar 23, 2020, at 16:50 , Warren Kumari <warren at kumari.net> wrote:
>
> On Mon, Mar 23, 2020 at 6:53 PM Sabri Berisha <sabri at cluecentral.net> wrote:
>
>
> Not if you run it in TOTP mode. Yubikeys support many options - if you
> choose to use a weak solution, well that's your choice...
> I guess you could ask them nicely to make a version without the
> features you don't want to use - or you could just not *use* the
> features you don't want to use….
>
>
> I confess I haven’t investigated the implementation details, but is it possible for one to issue ubikeys
> to an employee in a secure way with those features disabled?

You can set the key and the authentication system to only do TOTP
(time based) and not HOTP.
You can also program the keys (I think all of their keys since their
first key) with custom firmware.

> It’s the allowing the employee to make a poor choice not necessarily desired by the employer thing
> that seems to me is the issue in this case.
>

Sure, limit the manner in which they can do foolish things, require
TOTP not HOTP.
-chris
