Yubikey/U2F protecrion

It’s been a while since I looked into this, but do all the apps now support Yubikey for U2F? And which ones are best for me that will work with my iPad and iPhone? Thanks all!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • BenBen AWS Team

    Team Member

    Hi @prime,

    U2F is more broadly available now, yes. For 1Password for Mac: v7.9.1 and macOS 12 are required. You can use any WebAuthn/U2F/Fido2 security key that macOS supports. For iOS: if you're using v7.8.1 when running on iOS 14, you're limited to Yubikeys (YubiKey 5 NFC, YubiKey 5C NFC, or YubiKey 5Ci) and USB-C iPads are not supported. With iOS 15 it's the same as macOS -- any security key compatible with your device can be used (USB, Lightning, Bluetooth, NFC).

    I've had the best success with the Yubikey 5Ci personally as that works with the broadest range of my devices.

    I hope that helps!

    Ben

  • @Ben wonderful news! I’m on iOS 15, so looks like I have more to pick from. Happy New Year!

  • BenBen AWS Team

    Team Member

    Happy New Year :)

    Ben

  • Hello everyone,

    1) Getting the YubiKey to work with 1Password is confusing, even for a tech-head like myself. In my situation I am using Yubikey 5C NFC.

    2) The YubiKey does not work with 1Password. I can enable 2FA on my 1Password account using the YubiKey and I can use it to unlock my account when using 1Password on a computer. However, I cannot unlock 1Password on my phone using the YubiKey because 1Password has not written the necessary code to allow 1Password to use the YubiKey 5's NFC feature.

    3) Yubico and 1Password advertise that the YubiKey 5 series works seamlessly with 1Password, but this could not be further from the truth. Enabling 2FA on my 1Password account using a YubiKey requires that I also use the Yubico Authenticator app. Rather than simply inserting my YubiKey into the computer and logging in, I am required to first insert the YubiKey, then open the Yubico Authenticator app, find the login I need a code for, copy that code to my clipboard, navigate over to 1Password, paste the code, and only then can I finally unlock the application. This is not a seamless process.

    In order to improve this 2FA authentication method, 1Password needs to dramatically improve the quality of their product, setup documentation and support website. Yubico also needs to provide a much more honest description of the process involved in using the YubiKey 5 series with password managers such as 1Password.

    Until changes are made, I definitely cannot recommend the product to anyone who uses 1Password with YubiKey 2FA authentication method.

    Thanks

  • BenBen AWS Team

    Team Member

    Hi @Canadian

    I'm sorry to hear about the difficulties you've experienced. If you're using the latest versions of 1Password and iOS then the Yubikey 5C NFC does indeed work (via U2F/WebAuthN, in addition to TOTP) with 1Password for iOS, so long as the key itself is compatible and working with your iOS device. Could you please confirm for us which version of 1Password and version of iOS you're running? Also, which Apple mobile device are you using?

    Ben

  • This is the key I bought and it’s great. My issue is my iPad, I don’t think it has NFC, it’s pretty old (still supported at least).

  • BenBen AWS Team

    Team Member

    Indeed; on devices that don't have NFC the USB-C connection of the Yubikey 5C NFC can be used, assuming the device has USB-C. If the device has neither NFC or USB-C then then Yubikey 5C NFC would not be compatible with your device, however, this is not a limitation of 1Password but rather the device.

    Ben

  • @Ben I know it’s not 1Password. I bought this key thinking I’ll get a new iPad this year. I have a 9.7 iPad Pro (March 2016) and it’s definitely showing it’s age.
    Everyone on my family plan will probably get a Yubikey for next Christmas :lol:

  • BenBen AWS Team

    Team Member

    I know you know. 😁 Just mentioning it for the benefit of anyone else reading that might have the question.

    thinking I’ll get a new iPad this year

    🎉

    Everyone on my family plan will probably get a Yubikey for next Christmas :lol:

    That's a neat idea!

    Ben

  • @Ben the key is actually very simple IMO compared to 2FA.
    I was going to get the one you got, but I felt like as soon as I got it, Apple would announce dropping the Lighting port :lol:
    I also been trying more secured emails too, looking at ProtonMail and Tutanota.

  • BenBen AWS Team

    Team Member

    the key is actually very simple IMO compared to 2FA.

    Agreed!

    I was going to get the one you got, but I felt like as soon as I got it, Apple would announce dropping the Lighting port :lol:

    That would be my luck 🙃Fortunately it has USB-C as well as Lightning, so it would still have some value.

    Ben

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file