Hacker News new | ask | show | jobs
by coldblues 657 days ago
Yubikeys are useless when someone can reset your password or 2FA using personally identifiable information that was just leaked. A lot of us who practice good security will be PWNED through large scale data leaks. Whenever I sign up, I sign up with fake information, and so should you. Most services will not KYC you, so just lie.
2 comments
jgalt212 657 days ago
As someone who recently dropped his phone in salt water can attest, it was pretty easy to reset my access for 8 of 10 of my 2FA accounts.
link
mzagaja 657 days ago
agreed, this only works if there are not "workarounds" or non-trivial ways to recover your account if you lose your yubikey.
link