@kuketzblog As long as I can use #FIDO2, I'd like to spare myself the disadvantages of #Passkeys: https://karl-voit.at/FIDO2-vs-Passkeys/
Authentication with FIDO2 and Passkeys

I tested the YubiKey 5 NFC and 5C NFC for weeks, here's how it went

I tested the YubiKey 5 NFC and 5C NFC on Linux, Windows and Android: FIDO2 authentication, passkeys, TOTP codes, commit signing with OpenPGP, Yubico Authenticator and the practical limits of NFC.

https://yoota.it/ho-provato-per-settimane-le-yubikey-5-nfc-e-5c-nfc-ecco-come-andata/

@slink One thing I didn't mention, though: I have various models (YubiKey 5 Series and YubiKey Security Key in both USB-A and USB-C). Whether a given key actually works for FIDO2 or U2F authentication depends on a lot of factors, including in particular the navigator used (Firefox desktop vs. Firefox mobile, Chromium...), the website and whether the key is used via NFC or via USB-A or USB-C. This can be very stressful if the authentication is more than experimenting for you, and if you don't have a known-good, working combination with enough redundancy.

When I said “no problem so far”, I meant no obviously-hardware problem and no “key used to work but doesn't anymore”. However browser software support and hardware/software compatibility can't be ignored if you rely on the keys!

#YubiKey #FIDO2 #U2F #SecurityKeys

Just confirmed: my TOTP seeds live on my Token2 Bio3 key itself.
The app is just a reader. The seed never leaves the hardware.

That said — Proton Authenticator looks genuinely excellent.
If I didn't have a key where the seed lives on it,
that's where I'd put my seed.

Gigity.

#TOTP #2FA #Infosec #ProtonAuth #Token2 #FIDO2

Why do I have three #FIDO2 keys added to my #MicrosoftAccount if #Microsoft is only willing to send me notifications using the #MicrosoftAuthenticator App?

I've been trying to archive as many things from github pages websites as possible lately and so I grabbed this tutorial I use for using yubikeys for passwordless sudo access recently and threw it up on my general onboarding website, that is not tied to GitHub in any way:

https://onboardme.smallhack.org/linux/linux/#using-a-yubikey-for-passwordless-sudo

Don't worry, it's still open source, just not on GitHub:

https://codeberg.org/jessebot/onboardme/src/branch/main/docs

Eventually I plan on switching to exclusively using another opensource key instead, but until they make a tiny one, this is what I've got to keep my life easy.

#yubikey #solokey #fido2securitykeys #fido2

Passwordless sudo using a YubiKey · Cogs and Levers

A place for thoughts, ideas, tutorials and bookmarks. My brain can only hold so much, you know.

Anyone got a recommendation for a low profile USB-C opensource physical security key?

I know about solokeys, but unlike yubikey, they don't have a short USB-C security key.

I also saw Somu (also solokeys) which are the right form factor, but they only support USB-A.

If not, do you know if solokey is ever gonna come out with a mini USB-C key? I really need a tiny yubikey type thing I can just forget about.

(I have full sized keys already as backups, just in case.)

Edit: I've added a picture of the YubiKey 5C Nano as an example of what I'm after. The idea is that the total length that sticks out from the computer is very very small, and therefore is less likely to break off.

#yubikkey #solokey #somukey #securitykeys #FIDO2 #FIDO2SecurityKeys #FOSS

LUKSbox: Encrypted vaults that survive the next decade

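LUKSbox is an open-source encrypted vault solution that encrypts sensitive files locally with the user's own key before they are stored in the cloud or on shared storage. It supports FIDO2 and TPM 2.0 hardware authentication and post-quantum cryptography (ML-KEM), preventing data exposure even under legal compulsion, and it also provides integrity verification and rollback protection. It uses proven cryptographic primitives such as AES-256-GCM-SIV, Argon2id and HMAC-SHA256, and offers CLI, TUI and GUI interfaces on multiple platforms. It is currently a pre-1.0 version that has gone through several internal audits, with an external audit and real-world deployment planned.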

https://github.com/PentHertz/LUKSbox

#encryption #fido2 #tpm #postquantum #cloudsecurity

🔐 Releasing LUKSbox: encrypted vaults that survive the next decade.

Drop sensitive files on any cloud or USB. The provider gets one random-looking blob they can't read, even under subpoena.

✅ FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello)
✅ TPM 2.0 keyslots
✅ Post-quantum hybrid (ML-KEM-768/1024 - FIPS 203)
✅ Detached header → zero metadata on the container
✅ Linux / macOS / Windows
✅ Rust, Apache-2.0, 30M+ fuzz iterations

v0.1.0 is out. External audit next.

👉 https://github.com/PentHertz/LUKSbox

#infosec #encryption #postquantum #FIDO2 #rust #opensource #cryptography #penthertz

I've just published the first v1.0.0 release candidate for Passchain (formerly HW Fido2 Provider)!

This is a big step from something that kind of works enough to be able to use security keys without the Play Services [1][2] to a more stable app.

Among other things, it benefits from the recent improvement made for the feature on microG (it uses its lib): for example we now have cross-device login => you can theoretically log in on your TV with your Yubikey now 😃

[1] or microG
[2] there are now other apps like Authnkey that allow it. They didn't exist when I started Passchain, the Play Service was the only way to use them on Android

#passchain #hwFido2Provider #passkey #fido2 #yubikey #android #microg