I've been thinking about getting a hardware security key and have heard of yubikey before; but I want to see what my options are and if they are worth it in your opinion.
My current setup is a local KeePassXC database (that I sync between my PC and phone and also acts as TOTP authenticator app), I know that KeePass supports hardware keys for unlocking the database.
I am personally still of the belief that passwords are the safest when done right; but 2FA/MFA can greatly increase security on top of that (again, if done right).
The key work work together with already existing passwords, not replace them.
As I use linux as my primary OS I do expect it to support it and anything that doesn't I will have to pass on.
PS: what are the things I need to know about these hardware keys that's not being talked about too much, I am very much delving into new territory and want to make sure I'm properly educated before I delve in.
While Keepass has the ability to use a Yubikey (or similar) as 2FA (masterpassword is still required), this does not work on the mobile (Android) apps I tried. If you can make it work, please let me know!
Other than that: I got my Yubikey working ok on Linux Mint. But somehow the first login often does not work as expected (you have to touch the key). That is why I don’t use it anymore as 2FA for computer login.
