In the light of EUCLEAK - YubiKey 5 can be cloned in a matter of minutes
I noticed we do not yet recommend the always require user vector setting on Yubikeys. This partly mitigates the vulnerability discovered and generally seems good practice.
Can be set like:
ykman fido config toggle-always-uv
Or with settings in the apps.
Yubico themselves also recommends this as mitigation: https://support.yubico.com/hc/en-us/articles/15705749884444-Infineon-ECDSA-Private-Key-Recovery-Customer-Resources
What important and relevant information. You are very good!
I had already configured this and I mostly use Yubikey Bio series. But just checked and saw it wasnât recommended as a default yet and we should really encourage using this.
Havenât looked yet, but we should also double-check whether this is possible on the Yubico Security Key series, and on Nitrokeys for the sake of completeness.
I just checked and I can confirm that this option is not supported even on yubico 5 series with firmware versions older than 5.7. Considering that they released yubikey 5 series with the updated firmware 5.7 on May 21, 2024, any yubikey 5 series that was purchased before that date comes with an older firmware version (like 5.4.x). So all yubikeys (except for BIO) that do not have the latest firmware are vulnerable to this.
edit: clarification
Shit, seems you are right. Thatâs a pitty. I am now even more glad with my bio ones.
Configure alwaysUv? ¡ Issue #499 ¡ Yubico/yubikey-manager ¡ GitHub says 5.5 and later, so there may be a 5.5-5.7 range of devices which could benefit from this setting.
Edit: Mine is 5.4.3 so I canât confirm 
Edit 2: Oh, 5.5 and 5.6 were Bio only, I see lol
Yeah the firmware matrix confirms that yubikey 5 series never had 5.5.x firmware versions.