Add a second Yubikey as backup

Q1. What is the problem that you are trying to solve?
I would like to register a second Yubikey to my account. Using a single Yubikey for MFA is risky in case it get lost, it should be possible to register a second Yubikey.

Q2 - Who is impacted?
Everyone who use Yubikey for MFA.

Q3 - Why is it important and/or urgent?
If the Yubikey is lost, the user might loose access to their account.

Q4 - What is your proposed solution? (optional)
Enable the user to register a second Yubikey.

1 Like

Hey @eldaria welcome to the forum and thanks for the suggestion!

A potential work around to mitigate this while waiting for it to be worked on is to enable TOTP in addition to the Yubikey as you could use that as your backup method.

Hello Calyton.
Indeed and this is what I have done on other sites that don’t support multiple.
I like my backup Key to be identical to my primary key and not have different. This means I would have to have the TOTP on both keys.
However as you might know the TOTP on YubiKey has a limited amount of entries. Currently 32 Accounts.

This is why I try to get apps and sites to 1: Support The key directly instead of TOTP, for example through U2F. 2: Support multiple keys, and not fall back to TOTP.

Passbolt currently has only number 1, which is the most important one. :wink:

1 Like

This would be cool. I’ve just moved to yubikey and would love to add my backup to the system.

Can this be look at again please an an NFR. It would be really useful especially when you have multiple devices. For example I have two key, one UBS with NFC and one UBC C. Things like the iPad Pro does does not support NFC so need USB C and others like my iPhone is much easier to use NFR, with computers the USB is easier.

1 Like