scy, If you own a modern #YubiKey, you might know that you can use the YubiKey Manager to enable/disable the applications & interfaces it provides.
What you probably didn't know: You can password-protect this setting using the command-line version of the Manager, with the
ykman config set-lock-code
command.If you lose that lock code, you can't change the setting anymore, ever.
If it's not yet set, others with physical access to your key could disable everything, set a code and lock you out. 😬
Add comment