
> you just need someone to buy a bunch of Yubikeys

This is so wrong it's hilarious. I've been doing computers for forever, and "security keys" are STILL a universally lousy user experience.

What happens when you lose one? How do I install multiple keys? How does their manager revoke their keys when they leave the company? And where is the server that controls all this, and how do you administer that? I could go on ...

If you have any pointers to tutorials on how to do this, I'M ALL EARS. Seriously.




The purpose of a U2F key is to break phishing. You want users to use them as much as possible (on computers), but you do not depend on them being the only second factor.

So you can buy and enroll 2 keys, or just do what Google forces you to do: enroll an additional second factor, like a code generator.

I do not understand your revocation argument at all. When you let a staffer go, you lock their account. You do not care about their keys.
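
Added example, not part of either comment above: a toy relying-party model of the three points in the reply (two enrolled keys, origin binding against a look-alike site, and offboarding by locking the account rather than touching keys). Assumptions: the class and function names and both origins are constructed for illustration, and HMAC stands in for the per-key ECDSA signature a real U2F authenticator produces, so the example runs with only the standard library.

```python
import hashlib, hmac, json, os

RP_ORIGIN = "https://login.example.com"  # constructed relying-party origin

class Key:
    """Toy authenticator. HMAC stands in for U2F's per-key ECDSA signature."""
    def __init__(self):
        self.secret = os.urandom(32)
    def sign(self, client_data: bytes) -> bytes:
        return hmac.new(self.secret, client_data, hashlib.sha256).digest()

class RelyingParty:
    def __init__(self):
        self.accounts = {}  # user -> {"locked": bool, "keys": [Key, ...]}
    def enroll(self, user, key):
        acct = self.accounts.setdefault(user, {"locked": False, "keys": []})
        acct["keys"].append(key)  # toy only: a real server stores a public key
    def lock(self, user):
        self.accounts[user]["locked"] = True  # offboarding: keys are untouched
    def verify(self, user, challenge, client_data, sig):
        acct = self.accounts.get(user)
        if acct is None or acct["locked"]:
            return False  # account state is checked before any key material
        data = json.loads(client_data)
        if data["origin"] != RP_ORIGIN or data["challenge"] != challenge:
            return False  # assertion was produced for another site or login
        return any(hmac.compare_digest(k.sign(client_data), sig)
                   for k in acct["keys"])

def browser_sign(key, origin, challenge):
    """The browser, not the page, records the origin it is actually on."""
    client_data = json.dumps({"origin": origin, "challenge": challenge}).encode()
    return client_data, key.sign(client_data)

def demo():
    rp, primary, backup = RelyingParty(), Key(), Key()
    rp.enroll("alice", primary)
    rp.enroll("alice", backup)  # second key covers loss of the first
    ch = os.urandom(16).hex()
    lookalike = "https://login.example.net"  # constructed look-alike origin
    results = {
        "primary": rp.verify("alice", ch, *browser_sign(primary, RP_ORIGIN, ch)),
        "backup": rp.verify("alice", ch, *browser_sign(backup, RP_ORIGIN, ch)),
        "lookalike": rp.verify("alice", ch, *browser_sign(primary, lookalike, ch)),
    }
    rp.lock("alice")
    results["after_lock"] = rp.verify("alice", ch, *browser_sign(primary, RP_ORIGIN, ch))
    return results

if __name__ == "__main__":
    print(demo())
```

The model leaves out single-use challenges and signature counters, which a real server also enforces.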

