|
|
|
|
|
|
by ashtonkem
2135 days ago
|
|
|
For most of us, the inability for the key to be duplicated remotely is the primary design criteria, as most of us need to defend against low to moderate remote attacks (which is exactly SMS 2FA is bad). You have to be an incredibly high value target before "my opponents are willing to send people to try and steal my 2FA token from my person and clone it" is a probable risk. At that point you better be using all kinds of special equipment and techniques, as a Yubikey alone probably isn't enough. That being said, it's incredibly unlikely that someone would ever sell mass storage based USB credentials because: 1. Security products are marketed based on surviving the worst case scenarios. Nobody would buy a U2F token that is "good enough for the threats you probably face". 2. By the time you've hardened any USB device from remote cloning, you're probably already done most of the work to harden it against local cloning. Might as well complete the last bits necessary in order to get the marketing benefits from point 1. |
|
|