I am im the market for a hardware key for MFA. I want to put it on my keyring and put it in my pocket so I always have it with me. I guess it should be quite sturdy for that (no easily broken off connectors, …) I mainly want to use it as additional factor for my Bitwarden vault. Do you have any recommendations, experiences, stories? Yubikey seems to be by far the brand most recommended. Solo is nice bc open source hard/firmware, but I care more about reliability and usability than openness I think.

Thank you for your insights!

  • Qazwsxedcrfv000@lemmy.unknownsys.com
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    I would place my trust on the good “not-so-old” Yubikey. I have been using their keys since early 2010s. I have used NEO, 4, and 5 NFC and all of them have been rock solid.

    • binom@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Thank you for the explanation. I wanted to not just buy the most popular thing from the near monopoly brand, but I really only read good things about the yubikey 5 series. At the moment I think I am veering towards buying that.

  • Version@feddit.de
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    I have a yubikey on my keychain for a few years now, no problems so far.

    Btw, I would recommend to get at least 2, one you use and one as a backup.

  • wrinkletip@feddit.nl
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Apex Flex if you want to go a bit more off the beaten path. I love mine both for OTP and FIDO2.

    • binom@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      hahaha that’s crazy. A bit further than I am willing to go right now. Where do you have yours if you don’t mind me asking?

      • wrinkletip@feddit.nl
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Right forearm! It also works some places in the hand, but the forearm is the best location for that chip I believe.

        • binom@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          that is really cool! i have so many questions! is it visible from the outside? can you still have an mri scan? does the metal detector at airports detect it? can you feel it under your skin?

          • wrinkletip@feddit.nl
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            It’s only visible if you manipulate it with the other hand, otherwise it’s flat enough to be completely in invisible. MRI is fine! The technicians are often somewhat worried but usually accept it just fine if you refer to online documentation. The chip is unaffected. It’s too small to be detected by any metal detectors, so no issues at the airport. You can’t feel it outside of touching it with the other hand. There is a pinching feeling a few weeks after install though but it disappears completely.

            I have four; one small glass capsule type in each hand and two flex type in the forearm.

  • Coelacanthus@lemmy.kde.social
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Canokey, there are two way:

    1. You can buy one Canokey Pigeon, which is close source, but with protection of security chip.
    2. You can make one Canokey STM32/NRF52, which is opensource, but no security chip protection, so if someone got your key, she can extract the key from it.

    https://github.com/canokeys

    • binom@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Thank you for the recommendations. Any first hand experience with these brands? I am looking mainly for reliability and durability. Otherwise they look quite good, maybe even a bit overkill for me with all the extra features.

      • BrikoX@lemmy.zip
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        No, but Nitrokey is well known and time tested at this point. And they have different models, so I’m sure you can find something that works for you.

  • wrinkletip@feddit.nl
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Apex Flex if you want to go a bit more off the beaten path. I love mine both for OTP and FIDO2.

  • wrinkletip@feddit.nl
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Apex Flex if you want to go a bit more off the beaten path. I love mine both for OTP and FIDO2.