Southpaw018 Posted March 27, 2012 Posted March 27, 2012 I'd love to see Yubikey two factor auth support (against Yubico's servers for the cloud PC Monitor version, and against Enterprise Server for that version). Links: Yubikey: http://www.yubico.com/yubikey Yubico Developers: http://www.yubico.com/developers-intro .net API: http://code.google.com/p/yubico-dot-net-client/ Thanks!
Administrators Paul Posted March 30, 2012 Administrators Posted March 30, 2012 Hello, This could only work if it would be used as a two factor auth support along with the standard passphrase PC Monitor authentication system. It could be nice if you would be able to choose with two factor authentication system you want to use. I did look over their API and it seems that's fairly easy to work with it's just a web api to call and see if the OTP is valid, action which PC Monitor's server should take. Just one question, when you touch the button on your YubiKey how will you get the OTP? It will appear on some application you install or you need to have an application that need to talk with it, just like a dongle? Let's see what others have to say.
Southpaw018 Posted June 20, 2012 Author Posted June 20, 2012 Whoa. Sorry it's taken me so long to get back to you, Paul! Right, you'd use PC Monitor's passphrase/password and the Yubikey as the second factor. When you touch the button on the Yubikey, it generates the one time password and then types it out to the computer as if it were a USB keyboard. It's actually pretty genius in that regard - it requires no special hardware. Here, check it out. I'll attach my key and have it type an OTP, then censor the key data: ******######fttrtfdkrerhniclllvnlfiutgdngrrj The asterisks are a 6 character public ID. The hashes are a 6 character key serial number. The rest is the OTP.
tekstrong Posted November 30, 2015 Posted November 30, 2015 Just wanted to add my +1 for this feature request. Yubikey authentication is one of the big things I miss when using Pulseway (it's oddly one of the few products that I use that doesn't have any Yubikey support at all).
crank Posted January 5, 2016 Posted January 5, 2016 I came here today to make a similar suggestion. I would strongly support this, but not if it required me to have my physical Yubikey device. I have one, but I also have a smartphone, and I'm not really interested in having to juggle a dozen devices just to log into things. I find it too onerous forcing everyone to acquire a Yubikey and deal with that. The implementation chosen should be a form of TOTP that works in the same clients that can be used for Amazon, Microsoft, LastPass, and many more. Google Authenticator is one, and there are other clients that support the same standard (Authenticator Plus is the Android client I use). The impetus for even thinking about this occurred to me this morning after trying to connect to my daughter's PC to diagnose an issue on it. I was prompted for the two-factor auth code before using Remote Desktop, but the email never arrived (still hasn't). I was going mad waiting for it because she has limited time. Emailed auth codes is a terrible implementation for this reason and I very nearly disabled the entire option.
Staff Chris Posted January 5, 2016 Staff Posted January 5, 2016 Hi, Thank you for your feedback, we have Yubikey in our todo list along with Google Authenticator. This will be considered for future releases. Chris
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now