|
|
|
|
|
|
by nimbius
3029 days ago
|
|
|
U2F != OTP, which is Yubikey 4. For some reason the FIDO alliance decided they didnt want OTP. Yubikey 4 allows openPGP keys as well as OTP Yubikey functionality, making it half HSM/half token. the FIDO keys offered by Yubi only do asymmetric cryptography. |
|
|
OTP is regularly phishable, not requiring any webusb. Before this webusb attack, u2f was unphishable.