YubiKey¶

What's an YubiKey?¶

An YubiKey is a security token which serves as a second authentication factor.

How does pwSafe use the YubiKey?¶

pwSafe uses YubiKey's HMAC-SHA1 challenge response mode. When the key is initialized, a random secret is stored in it. The password you enter is used as the challenge and the resulting response is used as the safe password.

To ease the creation of backups keys, the secret is also stored in encrypted form inside the safe itself.

Is pwSafe compatible with safes from Password Safe?¶

Yes. pwSafe's usage of the YubiKey is exactly the same as Password Safe's.

Why aren't the iPhone and iPad supported?¶

Unfortunately, at this time we don't intend to provide support for YubiKey in iOS. After running some tests, having read the documentation and evaluated the amount of time and work that would need to be put toward implementing this feature, the truth is that the user base for such a feature just isn't there and as a small developer, we'd rather invest this time and effort into improvements and upgrades that will have a broader and more immediate impact.

Why is the YubiKey in-app purchase so expensive?¶

The YubiKey feature is used by a small number of people. This means its price needs to be higher to be able to cover the development costs.

After upgrading to macOS Catalina, the YubiKey option is greyed-out.¶

Open your Settings app, then go to "Security & Privacy", click "Privacy" in the upper tab, then "Input monitoring" on the left-hand list and then enable pwSafe. That will allow you to use the YubiKey again.

How can I buy an YubiKey?¶

You can buy an YubiKey directly from the Yubico Store.