You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be nice if there were a way to disable the MPBLE's FIDO functionality entirely.
Justification
$DAYJOB has some really aggressive policies about password composition and rotation. Once a month when I have to cycle passwords, I use 1Password to generate the new password, and update the copy in an MPBLE that I keep plugged into the work computer during the day.
Most other web sites don't bother with password rotation, and instead use FIDO (or "Passkeys" they're calling it now). I've been using Yubikeys to handle FIDO for several years (since around the time of the original MooltiPass, mine is still in the desk drawer).
In many cases, when I try to log into these other sites, the MPBLE is apparently trying to satisfy the FIDO request before I have a chance to touch the pad on the Yubikey, and I end up not being able to log into the site.
I'm not interested in using my MPBLE for FIDO or SSH or anything else, I only want to use it for typing passwords.
Workarounds
Unplug the MPBLE when I need to use a Yubikey for FIDO authentication.
Other
The corporate IT security guys are familiar with Yubikeys, however they aren't familiar with the Mooltipass line at all. The only reason I'm able to use the MPBLE at all is because I already have "special dispensation" to use an external keyboard (specifically a mechanical keyboard, because laptop keyboards have almost no "travel" to them, I'm using a Das Keyboard 4 Pro for Mac with brown switches and SA-P caps, if anybody cares), and the computer thinks the MPBLE is another external keyboard. (The computer blocks USB memory sticks but allows keyboards, who knew MDM was that smart?)
The text was updated successfully, but these errors were encountered:
Missing feature
It would be nice if there were a way to disable the MPBLE's FIDO functionality entirely.
Justification
$DAYJOBhas some really aggressive policies about password composition and rotation. Once a month when I have to cycle passwords, I use 1Password to generate the new password, and update the copy in an MPBLE that I keep plugged into the work computer during the day.Most other web sites don't bother with password rotation, and instead use FIDO (or "Passkeys" they're calling it now). I've been using Yubikeys to handle FIDO for several years (since around the time of the original MooltiPass, mine is still in the desk drawer).
In many cases, when I try to log into these other sites, the MPBLE is apparently trying to satisfy the FIDO request before I have a chance to touch the pad on the Yubikey, and I end up not being able to log into the site.
I'm not interested in using my MPBLE for FIDO or SSH or anything else, I only want to use it for typing passwords.
Workarounds
Unplug the MPBLE when I need to use a Yubikey for FIDO authentication.
Other
The corporate IT security guys are familiar with Yubikeys, however they aren't familiar with the Mooltipass line at all. The only reason I'm able to use the MPBLE at all is because I already have "special dispensation" to use an external keyboard (specifically a mechanical keyboard, because laptop keyboards have almost no "travel" to them, I'm using a Das Keyboard 4 Pro for Mac with brown switches and SA-P caps, if anybody cares), and the computer thinks the MPBLE is another external keyboard. (The computer blocks USB memory sticks but allows keyboards, who knew MDM was that smart?)
The text was updated successfully, but these errors were encountered: