You can generate the keys inside the yubikey. Then just have two keys instead of... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		withinboredom on May 5, 2022 \| parent \| context \| favorite \| on: Apple, Google and Microsoft Commit to Expanded Sup... You can generate the keys inside the yubikey. Then just have two keys instead of a shared key. That’s actually better IMHO since that allows you to revoke one of you lose it instead of having a compromised backup.

lxgr on May 5, 2022 [–]

Ah, sure, if your use case allows registering multiple keys that is indeed a good way to solve it. Unfortunately that's not always the case (as pointed out in other threads).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact