Closed niansa closed 1 year ago
Did you try it with a legit Yubikey? It seems that YKMAN supports 16 bytes for static OTP (if you have 8 might be caused by SHORT_TICKET flag).
From Yubico documentation, static passwords are 16 bytes length:
https://docs.yubico.com/yesdk/users-manual/application-otp/commands-configure-slot.html
From specs, it cannot increased, as it would overflow the frame buffer.
But then why can it only be 8, not 16?
Not really. In version 5.8 we removed that limitation and Pico Fido is able to send up to 38 bytes.
Stored password ends up being:
DrHfEHtI