I'm considering whether to use the Microsoft Authenticator app with device-bound passkeys for emergency access accounts instead of relying on hardware security keys like Yubikeys. Using passkeys would simplify logistics, as we wouldn't have to purchase and ship hardware keys to remote admins, who might also end up losing them. I know that the Authenticator app allows for only one passkey per account per device, but multiple admins can register separate passkeys on their own devices. To keep things secure, I thought we could give each admin a one-time access token to register their passkey, which could also allow for up to 10 separate passkeys per device. My question is, are there any drawbacks or risks in using the Authenticator app's passkeys for these emergency accounts compared to traditional hardware keys?
4 Answers
I would strongly recommend sticking with hardware tokens like Yubikeys. They're less likely to be compromised over time compared to a phone, which might be lost or hacked. It's essential to have those tokens well managed, maybe assigning a couple of senior folks as key holders while ensuring they know how to set them up remotely. Plus, you can easily track who has access to them, which is harder to do with personal devices.
In theory, using passkeys via the Microsoft Authenticator app might seem convenient, but remember that emergency access accounts are meant to be strictly controlled. Relying on admins' personal devices could increase security risks, especially if their phones get compromised. It's usually safer to have hardware tokens locked away, preferably in a place where only a few trusted people can access them. This way, you ensure the access is only used in critical situations and not just because it’s convenient.
While having emergency access accounts readily available is crucial, they also need to be hard to access. Using passkeys tied to personal phones goes against that principle. What if an admin leaves, or their phone is lost? Every change in personnel complicates things. The best approach, as mentioned, is to have a handful of hardware tokens stored securely that are only used when absolutely necessary. That keeps the account's integrity intact.
Emergency access accounts should be on lockdown, and hardware keys are ideal for this purpose. They can be stored strategically, like in a safe that multiple trusted individuals have access to. This ensures that even if something happens to one person, others can still retrieve the key. Just be sure to check the tokens regularly to confirm that they still work! Overall, having multiple hardware tokens is a lot safer than limiting access to personal phones.
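One way to turn the "check the tokens regularly" and "track who has access" advice above into a routine check. This is an added example, not code from the original thread: a Microsoft Graph PowerShell audit that lists the FIDO2 credentials registered on each break-glass account and flags any credential whose AAGUID is not on your allow-list of purchased hardware key models (a phone-bound Authenticator passkey would show up this way). The account UPNs and the AAGUID allow-list are placeholders you must replace with your own values.

```powershell
# Added example (not from the original thread). Requires the Microsoft.Graph
# PowerShell SDK and the UserAuthenticationMethod.Read.All permission.

# Assumption: UPNs of the emergency access (break-glass) accounts. Placeholders.
$EmergencyAccounts = @(
    'breakglass-1@example.onmicrosoft.com',
    'breakglass-2@example.onmicrosoft.com'
)

# Assumption: AAGUIDs of the hardware key models you actually purchased.
# PLACEHOLDER value; take the real AAGUIDs from your keys' attestation data.
$ApprovedHardwareAaguids = @(
    '00000000-0000-0000-0000-000000000000'
)

Connect-MgGraph -Scopes 'UserAuthenticationMethod.Read.All' -NoWelcome

$report = foreach ($upn in $EmergencyAccounts) {
    # Only FIDO2/passkey credentials; other method types are out of scope here.
    $methods = @(Get-MgUserAuthenticationFido2Method -UserId $upn)

    if ($methods.Count -eq 0) {
        [pscustomobject]@{ Account = $upn; Key = '(none)'; Model = ''; AaGuid = '';
                           Registered = ''; Finding = 'NO FIDO2 CREDENTIAL' }
        continue
    }

    foreach ($m in $methods) {
        $finding = if ($ApprovedHardwareAaguids -contains $m.AaGuid) {
            'OK: approved hardware key model'
        } else {
            'REVIEW: not an approved hardware key (possibly a phone-bound passkey)'
        }
        # A single credential is a single point of failure for a break-glass account.
        if ($methods.Count -lt 2) { $finding += '; only one credential registered' }

        [pscustomobject]@{
            Account    = $upn
            Key        = $m.DisplayName
            Model      = $m.Model
            AaGuid     = $m.AaGuid
            Registered = $m.CreatedDateTime
            Finding    = $finding
        }
    }
}

$report | Format-Table -AutoSize
```

Run it on a schedule and diff the output against the last run; any new credential on a break-glass account, or one that disappears, is worth an immediate look.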
