I tried out my MtGox YubiKey on the blockchain wallet service, and I noticed the OTP's that it generates are REUSABLE. It seems Blockchain.info is only looking at the first few letters of the OTP, as they are static, you can actually change the end of the OTP and the website will still accept it.
Doesn't sound secure at all to me.
You are absolutely correct
https://bitcointalk.org/index.php?topic=64300.0What about if you don't use the MtGox Yubikey but the standard version. Also can you use the standard version of the Yubikey on more than wallet/site and be safe?