Yubico / ykneo-oath

OATH App for the YubiKey NEO
https://developers.yubico.com/ykneo-oath/
GNU General Public License v3.0
63 stars 40 forks source link

Where is the secret key? #1

Closed djmaze closed 10 years ago

djmaze commented 10 years ago

In order to have a backup when the Yubikey is lost, I need to know the secret key for the OATH generator. Even in the README it says "Keep a backup of your OATH credentials!". I wonder where the secret key is generated / stored? There must be a way to set up a new Yubikey with the same key?

Furthermore, how does this fit in with the OATH-HOTP settings in the yubikey-personalization-tool? I realized that after installing the OATH applet, I am no longer able to update the Yubikey's slots via the tool. Has the configuration protection been activated? I am a bit puzzled.

It would be particularly interesting to use the same OATH-HOTP credentials via NFC and USB, for desktop vs. mobile usage. Is this possible? Would be great to understand how this smartcard applet approach fits within the rest of the Yubikey security architecture.

djmaze commented 10 years ago

Sorry, just discovered the right place to ask questions like this (-> the forum).