yubicokeepassyubikey

Is it possible to add more than one YubiKey to a .kdbx file?


I'm testing Yubico YubiKey 5 NFC. I use KeePassXC to save sensible information. KeePassXC accepts YubiKeys, but only one. Is it possible to add more than one to a .kdbx file?


Solution

  • Having two different seeds in two separate YubiKeys is not possible. You need to add the same seed to the other YubiKey to keep a copy of it. Documentation states:

    What happens if I break my YubiKey? Can I create backup keys?

    You should always make a copy of the HMAC secret that is stored on the YubiKey and keep it in a secure location. This can be an analog paper copy, but since the YubiKey personalization tool allows you to program a custom secret into the key, you may as well program a second key with the same secret

    Can I register multiple YubiKeys with my KeePassXC database?

    You can only use a single secret for encrypting the database. So you can use multiple YubiKeys, but they all have to be programmed with the same secret (see question above).

    The explanation to setup same id in slot 2 in two YubiKeys is here. To the second key you must copy & paste the same seed.