2FA for android devices

about the multi-factor authentication, which options are for doing it in an android device? I have a yubikey NEO which I use with lastpass (although I will migrate my passwords to keepass for a number of reasons). This is supported by android using NFC, but my current phone doesn’t have NFC, and the fact that the newest versions of the yubikey don’t support it neither make me think that it doesn’t have a lot of future. I’ve unsuccessfully tried to look for it, but everything I find are methods for using the phone as 2FA device for login sites from the computer.

Do you know if there is some method for this? If it doesn’t exist, is it a good idea to set wherever possible 2 methods for 2FA, i.e.yubikey and Authy, so I can choose the one for each device, or would this be more unsafe for some reason? (IMHO Authy would be useless for the phone since you are doing the 2FA with the phone itself, maybe I’m wrong). The fact that almost every 2FA system uses the phone as “token” makes me think that maybe multi-factor is not THAT important in the phone, but it would be better if it’s activated.

Its an interesting question. As far as i know NFC has future with yubikey its just a different key. Yubikey would be the best route. But untimely phone privacy is best efforts situation especially with Android. The best phone security for authentication at the moment is with the iphone with its use of the secure enclave. I am not aware of other methods.

I’ve seen in the yubico website that they have a yubikey nano with an USB-C adapter for the new MacBooks. I thought that maybe I can use a micro-USB adapter and use a normal yubikey as an OTG device, since AFAIK it’s recognized simply as a keyboard, at least for the 2FA stuff. In the yubico forums some blokes tried it with mixed success, I have cyanogenmod, so it shouldn’t be a problem. If somebody is interested in this, they can give it a shot.

Interesting. Isn’t cyanogenmod on its way out? I read no further updates for that now.