Indeed. Why so many recommend them I have no idea.
Honestly, if you have a password manager that supports security keys then buy two cheap keys (one for backup) like the Thetis FIDO U2F Security Key and use those to secure your password vault. For everything else just use TOTP and Passkeys stored in your vault.
I’m getting ready to roll them out at work but it’s basically exclusively for the password managers. Having a password manager and every account be unique isn’t helpful if everyone’s going to just use shit passwords for their password manager
I have the opposite situation, I bought yubikeys but nobody supports them.
Indeed. Why so many recommend them I have no idea.
Honestly, if you have a password manager that supports security keys then buy two cheap keys (one for backup) like the Thetis FIDO U2F Security Key and use those to secure your password vault. For everything else just use TOTP and Passkeys stored in your vault.
I invested in Yubikeys and yes it was a waste.
I’m getting ready to roll them out at work but it’s basically exclusively for the password managers. Having a password manager and every account be unique isn’t helpful if everyone’s going to just use shit passwords for their password manager
If they have a security key then fuck it, they can use ‘password’ as a password 😀