
I use a Yubikey to log in to a VPN. When logging in, I supply a username, and then type a password, and without hitting return, touch the Yubikey.

As far as I understand, and from experimenting, the Yubikey looks like a keyboard to the OS, and it appends a one-time, encrypted, string, finishing with an EOL. This is explained in this question

However, I understood that good authentication works by sending a hash of the user's password to the remote server, and this works if I'm sending just an OTP. If the user password+Yubikey OTP string is hashed on the client, how is it disentangled to be verified on the server? Is my password stored un-hashed on the server?

Gremlin

2 Answers


You are mistaken in your understanding. The security of an authentication system is defined mostly by the type of attacks it will protect against. Hashing the user password is very often part of authentication systems but usually not in the way you described.

Typically, in order to store the password in a manner that is considered secure (salted, hashed, stretched) it will require the password being verified to be provided in clear text.

The security of the actual password while in transit is typically left to connection encryption (usually, TLS).

The addition of an OTP system does not change the above: validation of the OTP is typically done without directly involving the password.

Matthew
Stephane

As @Stephane pointed out, the password you are entering is not hashed on the client - unless you are doing things like MSChapV2.

Thus the authenticating server sees a plaintext password string of your secret static password and the yubico AES encrypted OTP value.

As the authenticating system knows how long the Yubikey output is (if you are using AES mode, probably 44 or 32 chars), the system can split the string:

  1. string[-32:] -> verify yubico OTP
  2. string[:-32] -> hash it and check against the hashed static PW in the DB.
cornelinux
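The server-side flow that both answers describe, written out as an added example (this is not code from either answer, from Yubico, or from any VPN product): the concatenated input is split from the end so the static password may be any length, the password half is checked against a salted and stretched hash (PBKDF2 is an assumed choice; the answers name no particular scheme), and the OTP half is checked structurally and tied to the key enrolled for that user. The OTP length of 44 modhex characters (12-character public ID plus 32 encrypted characters) is the AES-mode layout; the cryptographic OTP validation itself (AES decryption, counter and replay check) is what a Yubico validation server does, so here it is a caller-supplied function, and every credential and key value below is constructed for the demo.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Yubico modhex alphabet: the OTP arrives as keystrokes, so it only uses
# characters that sit on the same physical keys across common keyboard layouts.
MODHEX = "cbdefghijklnrtuv"
PUBLIC_ID_LEN = 12   # first 12 modhex chars identify the key; the rest is AES-encrypted
OTP_LEN = 44         # 12 public-ID chars + 32 encrypted chars (32 if the key emits no public ID)


def split_credential(typed: str, otp_len: int = OTP_LEN) -> Tuple[str, str]:
    """Split 'password + OTP' into its two parts.

    The key appends its OTP *after* whatever the user typed, so the OTP is the
    last otp_len characters and the static password is everything before it.
    Slicing from the end keeps this correct for any password length.
    """
    if len(typed) <= otp_len:
        raise ValueError("input too short to contain both a password and an OTP")
    return typed[:-otp_len], typed[-otp_len:]


def is_modhex(s: str) -> bool:
    return len(s) > 0 and all(c in MODHEX for c in s)


def hash_password(password: str, salt: Optional[bytes] = None, iterations: int = 200_000) -> dict:
    """Salted, stretched password record as it would be stored in the user database."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_password(password: str, record: dict) -> bool:
    """Recompute the stretched hash from the cleartext and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["digest"])


def authenticate(username: str, typed: str, users: dict, otp_verifier) -> bool:
    """Server-side check of a 'password + OTP' login.

    otp_verifier(otp) stands in for the cryptographic OTP validation (AES
    decryption, counter/replay check) that a Yubico validation server performs.
    """
    record = users.get(username)
    if record is None:
        return False
    try:
        password, otp = split_credential(typed)
    except ValueError:
        return False
    # Password part: the cleartext (protected in transit by TLS) is hashed on
    # the server and compared against the stored salted hash.
    if not verify_password(password, record["password"]):
        return False
    # OTP part: structural check, then make sure it came from the key enrolled for this user.
    if not is_modhex(otp) or otp[:PUBLIC_ID_LEN] != record["yubikey_public_id"]:
        return False
    return otp_verifier(otp)


# ---- constructed demo data (not real credentials or real key output) ----
DEMO_PUBLIC_ID = "ccccccbhnrtu"
DEMO_OTP = DEMO_PUBLIC_ID + "dklrtvcbefghijklnrtuvcbdefghijkl"   # 32 constructed modhex chars
DEMO_PASSWORD = "static-pw-example"
DEMO_USERS = {
    "gremlin": {
        "password": hash_password(DEMO_PASSWORD, salt=b"\x00" * 16, iterations=10_000),
        "yubikey_public_id": DEMO_PUBLIC_ID,
    }
}


def make_demo_verifier(accepted: set):
    """Stand-in validator: accepts each listed OTP once and rejects any replay."""
    seen = set()

    def verifier(otp: str) -> bool:
        if otp not in accepted or otp in seen:
            return False
        seen.add(otp)
        return True

    return verifier


if __name__ == "__main__":
    verify = make_demo_verifier({DEMO_OTP})
    print(authenticate("gremlin", DEMO_PASSWORD + DEMO_OTP, DEMO_USERS, verify))  # True
    print(authenticate("gremlin", DEMO_PASSWORD + DEMO_OTP, DEMO_USERS, verify))  # False: replayed OTP
```

The point the question was missing is visible in `authenticate`: the server never receives or stores a hash of the combined string. It receives the cleartext over TLS, separates the two factors by the known OTP length, and only then hashes the static password for comparison while the OTP goes to its own validator.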