Jun 24, 2009 at 2:25 PM

Is there any way to implement a failsafe option?  For example, if I'm at work and the USB ports are disabled, I would like to be able to log in.

Jun 24, 2009 at 10:33 PM

unfortunately it wouldn't really add much security if it were easy to disable. Maybe it would be possible for you to send an email to a certain email address containing a passcode to temporarily disable the second factor. Maybe there is a pattern for this somewhere. Chances are though that your work usb ports are only disabled for anything but a keyboard? Or does your company only use ps/2 keyboards? One of the nice things about the yubikey is that it presents itself as a USB HID, so it should still interface with a lot of locked down machines.

Jun 25, 2009 at 3:44 AM

Obviously I'm not looking to easily disable this feature.  That would be pointless.  I was thinking of something like what paypal does with their token.  There is a link that says "I don't have my token" or something like that.  When you click that you are prompted for more information.  If you complete that successfully you are granted access.