I love the idea of this plug-in but don't like the security hole that is present with storing the yubikey key in an off-line file or on paper. Is there a way to have the plug-in use EITHER the yubikey as it does now OR the regular keyfile(s), whichever is present? This way, if travelling and you forget your yubikey, you can still log into the database using the keyfile(s) - all without having to travel with the plain-text yubikey "secret key" on your person. Also, if you lose your yubikey, you can use the keyfiles to access the database without having to save the yubikey "secret key" beforehand.
Thanks.
I can sympathize with you on this one. I've found myself without my yubikey multiple times when I want to access the database. Unfortunately there's no real way to make this an either/or situation while preserving security. If you use a keyfile, you run into the same problem. Either you have to remember the thumb drive with the file on it, or you have to store it on the cloud somewhere (which has its own security risks). In point of fact, the keyfile is really just a longer secret key.
I ran across a handy solution to this problem recently. Rather than traveling with the plaintext secret, you can instead print out a page full of random characters. You embed your secret somewhere within this page. This way you only have to remember the line number and character offset where the secret begins, and it's pretty useless to anybody else. Of course, an attacker could digitize the text and brute force it pretty easily, so this isn't perfect, but it at least obfuscates your secret from casual snooping.
I'd also point out that having your secret printed out isn't really an additional security hole. Anybody who can gain access to a sheet of paper in your wallet could just as easily access your yubikey. The real benefit to KeeChallenge is the protection it offers from a remote or casual attacker. I feel comfortable storing my database on Dropbox because even if Dropbox were breached and my master password were somehow also compromised, they'd still need my yubikey to gain access. Finally, I'd mention that it is important to keep a hard copy of your secret somewhere just in case your yubikey is lost or stolen. I keep mine printed out and locked away, and there is no digital copy of it. When I need it, I enter it manually each time.
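As an added illustration of the "page of random characters" scheme described in the reply above, and of the brute force it warns about (example code written for this page, not KeeChallenge's or the poster's own): the secret is spliced into random filler at a remembered line/offset, the owner reads it back, and an attacker who has digitized the page and holds a single challenge/response pair simply tries every start position. It assumes a 20-byte HMAC-SHA1 slot secret printed as 40 hex characters (the size a YubiKey challenge-response slot uses), a constructed page of 40 lines of 64 hex characters, and constructed values for the secret, position and challenge.

```python
"""Hide a hex secret on a page of random hex, recover it, and brute-force it.

Added example for this thread; not code from KeeChallenge or the posters.
Page dimensions, secret, position and challenge are all constructed here.
"""
import hashlib
import hmac
import secrets

LINE_LEN = 64      # characters per printed line (assumption)
NUM_LINES = 40     # lines on the printed page (assumption)
SECRET_LEN = 40    # 20-byte HMAC-SHA1 slot secret = 40 hex characters
HEX = "0123456789abcdef"


def random_hex(n):
    """n random hex characters from a CSPRNG (the filler around the secret)."""
    return "".join(secrets.choice(HEX) for _ in range(n))


def embed_secret(secret_hex, line_no, offset, num_lines=NUM_LINES, line_len=LINE_LEN):
    """Build a page of random hex filler with secret_hex spliced in so that it
    begins at (line_no, offset), both 0-based. The secret may wrap onto the
    next line; only the start position has to be remembered."""
    if len(secret_hex) != SECRET_LEN or any(c not in HEX for c in secret_hex):
        raise ValueError("secret must be %d hex characters" % SECRET_LEN)
    total = num_lines * line_len
    start = line_no * line_len + offset
    if not (0 <= offset < line_len) or start < 0 or start + SECRET_LEN > total:
        raise ValueError("secret does not fit at that position")
    flat = random_hex(total)
    flat = flat[:start] + secret_hex + flat[start + SECRET_LEN:]
    return [flat[i:i + line_len] for i in range(0, total, line_len)]


def recover_secret(lines, line_no, offset):
    """What the owner does: read SECRET_LEN characters from the remembered spot."""
    flat = "".join(lines)
    start = line_no * len(lines[0]) + offset
    return flat[start:start + SECRET_LEN]


def hmac_sha1_response(secret_hex, challenge):
    """The computation a YubiKey performs in HMAC-SHA1 challenge-response mode."""
    return hmac.new(bytes.fromhex(secret_hex), challenge, hashlib.sha1).digest()


def candidate_count(lines):
    """Number of start positions an attacker has to try: a few thousand, not 2**160."""
    return len("".join(lines)) - SECRET_LEN + 1


def brute_force(lines, challenge, expected_response):
    """What an attacker with the digitized page and one challenge/response pair
    does: try every start position. Returns (line, offset, attempts) or None."""
    flat = "".join(lines)
    line_len = len(lines[0])
    attempts = 0
    for start in range(len(flat) - SECRET_LEN + 1):
        attempts += 1
        cand = flat[start:start + SECRET_LEN]
        if hmac.compare_digest(hmac_sha1_response(cand, challenge), expected_response):
            return (start // line_len, start % line_len, attempts)
    return None


if __name__ == "__main__":
    secret = random_hex(SECRET_LEN)           # constructed stand-in for the slot secret
    page = embed_secret(secret, 17, 23)       # constructed hiding place
    assert recover_secret(page, 17, 23) == secret
    challenge = secrets.token_bytes(32)       # constructed challenge
    response = hmac_sha1_response(secret, challenge)
    print("candidate positions on this page:", candidate_count(page))
    print("attacker finds (line, offset, attempts):", brute_force(page, challenge, response))
```

Two practical notes on the design: the filler must come from the same alphabet as the secret (hex here), otherwise a 40-character hex run stands out on a page of mixed characters and there is nothing left to search; and because the search space is the number of start positions, roughly lines times line length, the brute force finishes instantly once the attacker has any way to test a candidate, which is exactly the caveat the reply gives.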