PeterPan Since the upgrade to Android 16, my yubikeys do not start the yubico authenticator app anymore. Instead a popup is shown with a link to https://my.yubico.com/yk/#
Ideas how to fix this annoying behavior?
You need to use the YubiKey Manager CLI (Command Line Interface):
ykman otp ndef -t TEXT [slot]
From my notes when I had an issue with this a long time ago:
It configures which slot is read over NFC. If you point it to the slot that is configured for challenge-response and set the ndef type to TEXT it will contain nothing and all is well.
If you point it to the slot containing the static password, that will be passed to Android in encrypted form.
By default, it pointed to the static password slot and https://my.yubico.com/yk/# was prepended to the encrypted static password. This link is meant to be passed on to the Yubico app, which then decrypts it and can make it available to the user through the ‘Copy OTP to clipboard’ setting (in ‘On YubiKey NFC Tap’).
Haven't used the Yubico app in a long time though.
Here's the full help for ykman otp ndef:
Usage: ykman otp ndef [OPTIONS] {1|2}
Configure a slot to be used over NDEF (NFC).
If "--prefix" is not specified, a default value will be used, based on the type:
- For URI the default value is: "https://my.yubico.com/yk/#"
- For TEXT the default is an empty string
Options:
-p, --prefix TEXT added before the NDEF payload, typically a URI
-t, --ndef-type [TEXT|URI] NDEF payload type [default: URI]
-h, --help show this message and exit