by comboy 1861 days ago
What problem are you trying to solve? Yes, you can get one for $10 instead of Yubico's $20, but Yubico's have been researched the most and, importantly, they are very reliable. Many people successfully abuse them, and while you should always add a pair of them to give you a backup, it would be a pain if one stopped working.

I'm asking because I'm curious about the use case where you think you need them (even a bunch), but you think they are too expensive compared to the value you are trying to protect.

Reliability would be a good enough reason to me even ignoring all security aspects.

2 comments

1. Decide that USB C is a must-have feature. No $25 blue yubikey for you - prices now start at $50.

2. Decide you want two keys per user, in case they lose one.

Now you're looking at spending $100+ per person.

Is that an unreasonable expense for something like two factor SSH auth?

Most definitely. Not all people are made of money. $100 can buy a lot of things, so if I can't justify it for professional use, there's not much of an incentive to spend that much.

Yes.

And using a key like this isn't even two factor.

$25 USB-C: https://solokeys.com/products/solo-usb-c?variant=23528357560... For those not familiar, SoloKeys was an open source project that became a company via Kickstarter (and now Indiegogo).

Assuming this is a business, you're already spending thousands per machine per user.

And a developer that's down for half a day from a failed key is way more expensive than that $10 of savings.

If I'm getting a physical security key, I might as well pick something that has rudimentary PGP support. The cheapest YubiKeys do not, and the ones further up the range that do support it are definitely outside the impulse/curious buy range.