Comment by foxyv 4 months ago They also store passkeys for logging into websites with biometrics and PIN. 4 comments foxyv Reply whatshisface 4 months ago So do hard drives. foxyv 4 months ago Yeah, you can implement a software based method using PBKDF2 or BCrypt. This is why most password managers use a "Master Password." They are much less convenient than hardware based keys like Yubikey and HSMs/Secure Enclave. codedokode 4 months ago Secure enclave is not an alternative for Yubikey because the program inside enclave cannot tell if the request comes from the user or from malware. 1 reply →
whatshisface 4 months ago So do hard drives. foxyv 4 months ago Yeah, you can implement a software based method using PBKDF2 or BCrypt. This is why most password managers use a "Master Password." They are much less convenient than hardware based keys like Yubikey and HSMs/Secure Enclave. codedokode 4 months ago Secure enclave is not an alternative for Yubikey because the program inside enclave cannot tell if the request comes from the user or from malware. 1 reply →
foxyv 4 months ago Yeah, you can implement a software based method using PBKDF2 or BCrypt. This is why most password managers use a "Master Password." They are much less convenient than hardware based keys like Yubikey and HSMs/Secure Enclave. codedokode 4 months ago Secure enclave is not an alternative for Yubikey because the program inside enclave cannot tell if the request comes from the user or from malware. 1 reply →
codedokode 4 months ago Secure enclave is not an alternative for Yubikey because the program inside enclave cannot tell if the request comes from the user or from malware. 1 reply →
So do hard drives.
Yeah, you can implement a software based method using PBKDF2 or BCrypt. This is why most password managers use a "Master Password." They are much less convenient than hardware based keys like Yubikey and HSMs/Secure Enclave.
Secure enclave is not an alternative for Yubikey because the program inside enclave cannot tell if the request comes from the user or from malware.
1 reply →