• @[email protected]
    link
    fedilink
    English
    152 months ago

    The attacker would need physical possession of the YubiKey, Security Key, or YubiHSM, knowledge of the accounts they want to target and specialized equipment to perform the necessary attack. Depending on the use case, the attacker may also require additional knowledge including username, PIN, account password, or authentication key.

    Meh, doesn’t seem that realistic of an attack yet, but I know that could change.