That's a good idea, I do that too, but it just reduces the risk, it doesn't eliminate the riskThis is why you register multiple keys. One stays in my fire safe, one in my desktop, and one that I carry.What happens if the yubikey is lost or stops working? What processes exist for the user to setup a new key and what would prevent a bad actor from doing that under a false pretense?
Yubikey works great for google accounts because there is no way around it if that's how the account is configured (advanced protection program), but it also means the user could be permanently locked out. That is the risk one accepts for that level of security
Could a vanguard user be permanently locked out of their account? Somehow I doubt it
Statistics: Posted by hoofaman — Fri Jul 26, 2024 12:30 pm — Replies 689 — Views 91668