Hacker News
by imdoor 1867 days ago
In principle, there is a way for you to have U2F backup keys. Here's a great write-up: https://dmitryfrank.com/articles/backup_u2f_token

The basic idea is to have two U2F devices with the same device_secret but one of the devices (the backup) is pre-programmed to add a large offset to the so-called counter value. Upon login, the service must check the counter value and ensure that the received value is greater than the one it's seen previously. If you happen to lose the first key, you can use the second key to log into all of the affected online services and upon doing so, the service would accept the new larger counter value and thereby invalidate the lost key.
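
The counter rule described in the comment above, as an added example that is not part of the original post or the linked write-up. It models only the service-side counter comparison; `Token`, `RelyingParty`, `BACKUP_OFFSET` and the key handle are hypothetical names and constructed values, and signature verification is left out because two tokens sharing one device secret would both sign validly.

```python
# Added illustration of the service-side U2F counter check with a
# primary token and an offset backup token. All names and values are
# hypothetical/constructed; no real U2F library is used.
from dataclasses import dataclass

# The U2F counter is a 32-bit unsigned field, so the offset must sit far
# above realistic primary usage while leaving headroom below 2**32.
BACKUP_OFFSET = 2_000_000_000  # constructed value


@dataclass
class Token:
    """Simulates only the counter behaviour of a token."""
    counter: int = 0

    def sign(self) -> int:
        self.counter += 1          # one global counter per device
        return self.counter


class RelyingParty:
    """Stores the last counter seen per key handle and enforces growth."""
    def __init__(self):
        self.last_counter = {}

    def login(self, key_handle: str, counter: int) -> bool:
        if counter <= self.last_counter.get(key_handle, -1):
            return False           # stale counter: clone or superseded key
        self.last_counter[key_handle] = counter
        return True


def simulate() -> list:
    primary, backup = Token(), Token(counter=BACKUP_OFFSET)
    site_a, site_b = RelyingParty(), RelyingParty()
    handle = "kh-example"          # constructed; real handles differ per service
    log = [
        site_a.login(handle, primary.sign()),  # normal use at A
        site_b.login(handle, primary.sign()),  # normal use at B
        # Primary is lost; the owner logs in to A (only) with the backup.
        site_a.login(handle, backup.sign()),   # A now stores the large counter
        site_a.login(handle, primary.sign()),  # lost key at A: rejected
        site_b.login(handle, primary.sign()),  # lost key at B: still accepted
    ]
    return log


if __name__ == "__main__":
    print(simulate())
```

The last entry shows why the backup has to be used at every affected service: a service that has not yet seen the larger counter, or one that does not enforce the counter at all, keeps accepting the lost key.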