Unable to rename TOTP credentials once added.

[ghstwhl]

• Yubico Authenticator version: 4.3.4
• Operating system and version: macOS 10.14.1
• YubiKey model and version: Yubikey 5 (5.1.1)
• Bug description summary: Once a TOTP credential is stored, the name is immutable. If you choose poorly you need to re-do the entire MFA setup to get a new credential.

Steps to reproduce

1. Add a TOTP token
2. Look for the non-existent menu option to rename it.

Expected result
I'd like to be able to rename entries.

Actual results
You can't rename entries.

Other info

[Anything else you would like to add?]
Not a bug, really, This is a feature request. :)

[dagheyman]

Thanks for the suggestion!

I can see the use for this, but the firmware does not allow editing the credentials on the YubiKey once they have been written to the device. This is by design, and not likely to change.

[nathaniel-holder]

@dagheyman Can you explain why this is by design?

[nevun]

@nathaniel-holder this is a hint that this will change ;) Yubico/developers.yubico.com#294

[awilkins]

Sadly even if they add this feature to new key firmwares, older keys won't have this feature :-)

I resorted to adding a means of aliasing keys to the TOTP plugin for AWS CLI because I set mine up with an easy-to-type name and then realized that lots of things use the mfa_serial to identity the TOTP key. The process for getting your MFA reset in my org is involved... and I don't want to lose the ability to quickly type ykman oath code keyname either.

Given that TOTP has to be mediated through software (because the key has no RTC you need a computer to add that factor), it would be feasible to add a similar aliasing mechanism to any software selecting a TOTP key from the key for token generation.