I'm using something kinda similar to this :)
Pre-programmed my YubiKeys with a 'master password' in a safe environment, and using their HMAC signing capability to generate consistent passwords, kinda similar to your algorithm. This makes sure the master password is safe, and that passwords can only be generated one at a time when I press the YubiKey. https://github.com/noliran/ykpass