Authoritize
Frequently Asked Questions
- What are the system requirements for
running Authoritize?
- Authoritize requires Mac OS X 10.5 or later. It is shipped as a
Universal Binary application and has been tested on both Power PC
and Intel machines.
- After uninstalling Authoritize the
login window is not displayed.
- This is a known problem. After uninstalling if you then logout,
or choose 'Login Window...' from the fast user switching menu the
login window is never displayed. You end up with a blank blue
screen. If this happens then remotely login via SSH and run
'shutdown -r now' as root, or hold down the power button for a few
seconds to reboot the machine.
- What is a private AES key?
- When you insert your Yubikey and press the button the password
generated is not just a random string. The first 12 characters are
the keys public ID then the following characters actually contain a
lot of information about the keys usage. Information like how many
times the button has been pressed and when it was last used. You
can see this information in the Authoritize Preferences Pane. To
protect this information the data is encrypted using the
Advanced Encryption
Standard (AES) before being displayed. The AES key used to do
this is stored on the Yubikey in a special area of memory which
cannot be read.
- Why does Authoritize need to know my
private AES key?
- To confirm that the key used to log in is the actual one
registered with the account, Authoritize decrypts the password
using the private AES key. If this is successful then not only do
we have the usage information from the key but we are certain that
the Yubikey used to access the account is the one registered.
- How can I find out my Yubikeys private
AES key?
- Unless you program the Yubikey yourself then the only people
that know the AES key are Yubico themselves.