klali
commented
9 years ago Hello.
There exists a number of different tools from Yubico for different purposes. This tool only configures what we call the "standard" YubiKey functions. In that mode 20 byte secrets are support for hmac-sha1. For the ykneo-oath applet (that supports 64 byte secrets) you will need the Yubico Authenticator, either for android or Desktop (projects namned yubioath-android and yubioath-desktop)
/klas
tarnfeld
I've noticed that the personalization tool doesn't allow you to enter 64 character (not hex) secrets for generating the 6 digit TOPT (using the little desktop applet that provides the time), only 32 character ones are supported.
For example, the AWS TOPT 2FA support provides 64 character tokens. The Yubico support team said this is supported using the YubiOATH CCID applet but i'm unable to configure that using this UI.
An example secret provided by the setup-up process would be
TUTLUXXXOXXXXXFNIZN3ALOVDAXXXXXDZBC5PHTSBTXXXXXAJL7VXXXMPXXXOENJthough the supported ones are only 16 or 32 character (e.g google 2FA uses 16 characters).