
> It seems like the most secure method (albeit impractical) would be to have a "what you know" challenge built into the yubikey, like a pin pad or dial. At that point though, one would probably have to worry about other attacks, like physical intrusion and kidnapping as well.

This isn't uncommon for Bitcoin hardware wallets, fwiw.

But the problem is that the short what you know challenge isn't very secure if the edge device is compromised and can't impose rate limiting or maximum-try limits.

I think for auth I'd rather have yubi/fingerprint + password. Yes, the host could still steal the password, but even if the yubi is completely backdoored you still have a credible amount of security.

It would be better still if the fingerprint mechanism were cryptographic. But it's probably pretty hard to fit a lot of fancy code in such a small device, and security is something of a lemon market (see also Zoom's "end to end").

I think people should be extremely wary of efforts to turn U2F devices into single factor authentication. If intelligence agencies haven't compromised Yubico or at least developed a good program to substitute devices in the mail, then they ought to be fired.
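The point about rate limiting above, as an added simulation (not code from the commenter or from any token vendor): a short PIN only holds up when the retry counter lives on the token itself, since a compromised host simply ignores any limit it was supposed to enforce. The retry budget of 8 is an assumption, chosen because that is the budget CTAP2 clientPIN uses; the PIN value is constructed for the demo.

```python
import hmac

MAX_RETRIES = 8  # assumed budget; CTAP2 clientPIN uses the same number


class DeviceEnforcedPin:
    """Retry counter is kept on the token, so it survives a host reset."""

    def __init__(self, pin: str):
        self._pin = pin
        self.retries_left = MAX_RETRIES
        self.locked = False

    def verify(self, candidate: str) -> bool:
        if self.locked:
            return False
        if hmac.compare_digest(self._pin, candidate):  # constant-time compare
            self.retries_left = MAX_RETRIES
            return True
        self.retries_left -= 1
        if self.retries_left == 0:
            self.locked = True
        return False


class HostEnforcedPin:
    """Token only answers yes/no; counting failures is left to the host."""

    def __init__(self, pin: str):
        self._pin = pin

    def verify(self, candidate: str) -> bool:
        return hmac.compare_digest(self._pin, candidate)


def exhaustive_guess(token, digits: int = 4):
    """What a compromised host can do: ignore its own limit and try every PIN.
    Returns the number of attempts needed, or None if the token locked first."""
    for n in range(10 ** digits):
        if token.verify(f"{n:0{digits}d}"):
            return n + 1
    return None


def worst_case_success_probability(digits: int = 4) -> float:
    """With an on-device counter the attacker gets at most MAX_RETRIES guesses."""
    return MAX_RETRIES / 10 ** digits
```

Against the host-counted variant the search always ends in success; against the on-device counter it stops after eight wrong guesses and the token stays locked.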
