Not sure exactly what you have in mind, but it's possible that there's a misconc... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kcorbitt on Feb 13, 2017 \| parent \| context \| favorite \| on: YubiKey 4C Not sure exactly what you have in mind, but it's possible that there's a misconception here about how these devices work. They don't depend on the touch being "unique to you" -- as mentioned above, it's just looking for a capacitive connection. The extra security they give is linked to the fact that an unauthorized user would be less likely to have access to the device itself. Also, most implementations of security with yubikey-type devices I've seen use it as a secondary authentication mechanism and still require a password, so it wouldn't actually solve your original issue of hands-free access. :( There may be ways to configure it to be the sole means of authentication though.

Nullabillity on Feb 13, 2017 [–]

Apparently it can be set up to send a static password: see https://www.yubico.com/products/services-software/personaliz... .

Incredibly insecure vs the OTP/U2F modes, but probably better than telling people your password.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact