Somewhat unrelated, but I got one of those Google Titan fobs. The one time I needed it to work - authenticating from a new-to-me- computer - it just... didn't work. I plugged it in and... nothing. No popups, no reaction at all. Thought it was broken, but it worked back on another computer when I tried it later. No idea how that this future is supposed to be better. Perhaps titans are just duds? A couple yubikey-focused friends have used theirs for years, but I wonder if they only talk up their successes, and don't mention the failures?
Yukibey based workflow are finicky. Sometimes, I need to try several times and reload the page or unplug/plug back for it to work. Sometimes, I need to switch key.
It's like arch linux.
Everybody tells there is never a problem with it, because, well, geeks lie.
I use Yubikeys (on my Arch Linux machines..) - only problem I've had was soft-bricking one by entering the wrong password (GPG passphrase) more than my max. (Ironically while setting up another as a spare - with a different password, then mixed them up.)
My company uses these tokens and buys Yubikey or Titans depending on price. They are pretty similar although Yubi has more features (that we don’t use) I don’t recall having a failure over about 3000 devices. Usually the issue is people lose them.
You have to have a system that makes sense to use them successfully. The upthread guy is talking about multiple accounts lost forever, etc. Sounds like a mess.
The same problems exist on other platforms. Ever support challenge response tokens? Lol.
The only time I've had frustrations with my yubikeys is not being able to redirect them in some RDP sessions when logging into an account that's wanting a yubikey to authenticate. Otherwise, my keyring one that I use the most (original NFC) is nearing a decade old and never fails.
I use it almost exclusively in Windows and ChromeOS.
