28
submitted 1 year ago by Sebo@lemmy.one to c/privacyguides@lemmy.one

Hello I'm thinking about buying two Yubi Keys for my keepPassXc database but I just want to be sure they're worth it before I buy them since two would cost a fair chunk of money ($100), can anyone recommend them?

Have a good day, -Sebo

top 11 comments
sorted by: hot top controversial new old
[-] dill@lemmy.one 13 points 1 year ago* (last edited 1 year ago)

I really wish I had gotten the nano version of the 5c. The full size sticks out my laptop and I always get nervous I'm going snap it off. They can be inconvenient when you don't have them on you, but that's exactly the point. I carry one on my keys with me everyday and it's handled the beating no problem.

[-] jhulten@infosec.pub 7 points 1 year ago

A+ would recommend. Replacing my titan/Google keys as funds present…

[-] sunbeam60@lemmy.one 7 points 1 year ago

I can recommend them. Have had one attached to my keychain for years and it's still working just fine. Be advised that there's an in-built dichotomy, in that you always need to keep a backup of your key, ideally offsite (mine is with my in-laws), but you also can't duplicate one key to another (by its very design) ... so they work best when you're using them an a unlock for a password/passkey manager, where you just set it up once, rather than using it as a 2FA everywhere. If you go down the "I'll employ my yubikey everywhere I can", you'll quickly find your backup key going out of date (thereby no longer being a backup key).

[-] independantiste@sh.itjust.works 6 points 1 year ago

I got mine for 10$ per key during a CloudFlare sale, and I really like them. Very durable, ive had mine for 6 or 9 months idk, and not a scratch can be seen on the plastic. The key is very convenient to use too, but I don't think its worth it at about 50$. I would wait and see if there is some sort of sale soon or during the black friday. Also check out their competitors as they are all compatible

[-] randomTingler@lemmy.world 1 points 1 year ago

I bought during the sale. 4 keys for $50.

[-] Cotillion189@lemmy.world 4 points 1 year ago

They are great. I own 3 of them. One for home use, one is on the go when im out and 3rd is backup. The one i use on the go is on my keychain and its over 3y and works fine, there are few scratches. They are very durable and they make your accs safe.

[-] mypasswordis1234@lemmy.world 3 points 1 year ago

Do not use YubiKey with database that is already local. Instead you can secure your online accounts.

[-] Vexz@kbin.social 3 points 1 year ago* (last edited 1 year ago)

If you ask me then don't bother buying them. Why? Because typing in your password to unlock your DB is still possible and afaik it cannot be turned off. Adding Yubikeys as additional option adds comfort but it's an additional way for an intruder to unlock your DB. You want less options for an unauthorized person to unlock your DB for better security, not more.

[-] ctr1@fl0w.cc 2 points 1 year ago* (last edited 1 year ago)

I can't speak for YubiKeys themselves, but I've been using an OnlyKey for years (which can emulate one). Works great for KeePassXC, but only because it can type the DB password (challenge-response unlock still requires the password). I haven't used the YubiKey emulator very much, except with a few services that are much easier to use if you have one.

I think it's great to have the option of securing things with a hardware key, and I think it's a good investment in general. But as others have said, it's probably not be the best choice for KeePassXC (but there are benefits). I would recommend an OnlyKey, but it seems the prices have gone way up and they're sold out.

[-] thecam@lemmy.world 1 points 1 year ago

Yubikeys are good. A Open source alternative is Onlykey

load more comments
view more: next ›
this post was submitted on 31 Jul 2023
28 points (100.0% liked)

Privacy Guides

16263 readers
1 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS