GregDomzalski
commented
2 years ago Hi @MrM40 - The YubiKey 5 Nano is not equipped with a biometric fingerprint reader like our YubiKey Bio Series. The gold contact is simply a capacitive touch sensor - meaning anyone would be able to press it in order to emit the stored password. Further, the YubiKey Bio Series does not support the OTP application (which allows password storage) at this time.
To summarize:
- YubiKey 5 Nano: Can store static key-phrase, but is not protected by a fingerprint.
- YubiKey Bio Series: Is protected by a fingerprint, but cannot store a static key-phrase.
In case you are still interested in using the YubiKey 5 Nano for configuring a static key-phrase, you can follow this how-to article: How to program a slot with a static password.
Note that the YubiKey only supports up to two slots for configuration in this manner. This mechanism was never meant to replace proper password managers - but the static password could be used to augment your vault password. (I would personally recommend using the phrase stored in your YubiKey as only part of the value password - the rest of which you should still memorize and type yourself).
Lastly, if you're simply looking to configure the YubiKey once - I'd consider using the YubiKey Manager CLI tool ykman. It is able to program secrets into the touch slots: https://docs.yubico.com/software/yubikey/tools/ykman/OTP_Commands.html#ykman-otp-static-options-1-2-password
MrM40
Can I use this SDK together with the YubiKey 5 Nano fingerprint-reader to return a static key-phrase which could be used as a password for all kind of things like encryption, authentication etc.? I have no need for the more advanced two-factor and online authentication methods.
And if so, can you point me in the direction of which classes to use?