mardi 6 janvier 2015

Should Yubico's demo use HTTPS?



I've just picked up a YubiKey.


However, the demo Yubico redirect you to is served over plain HTTP.


As services such as LastPass use the static identifier in order to encrypt your password vault for offline use, is there a huge security risk of using the demo site?





Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)