After reading through McNkife's article https://www.experts-exchange.com/articles/24599/Free-yourself-of-your-administrative-account.html
I have some questions on how it relates to YubiKey.
I'm using Windows 10 Pro in a workgroup setting where I have only two accounts in Windows: a user account and an admin account (the default administrator account renamed per Microsoft recommended Best Practices). The user account has YubiKey assigned to it and I was about to do so for the admin account but I'm not sure about a couple of items I have included below:
- Can the YubiKey work in a no password scenario?
- If I assign the YubiKey to the admin account will that require the YubiKey for every elevation prompt?
- Is having the YubiKey assigned to the admin account even bettering my security if I apply the article above to my machine - Are there any viable benefits?
- If the settings annotated in the article above go wrong (get corrupted) is there a potential to be locked out of the admin account forever - what are the downsides (if any) to this idea expressed in the article