Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You backup the yubikey seed (whatever it's called) separately from the password db, so that the attacker still has to get 3 separate pieces of information (db, password, seed) to get the full access.


If you backup the "seed" hotp secret you can probably use any OTP client software to open the DB without needing the yubikey




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: