1. Do I need a Yubikey only for connecting a new device or for daily unlocking? 2. Do I need to keep the Yubikey application in autoload all the time? 3. What happens if I lose my Yubikey?
1. Most of the time it's just for connecting a new device. It can depend on which services though. 2. No. 3. You can't log in. Always best to buy 2 Yubikeys and add both to each account when you set them up so you have a backup!
@@PeteMatheson Thank you. Your videos have taught me a lot about safety! In general, any attachment to physical objects scares me. Whether it's physical keys or "Emergency Kit" printed on paper or a mnemonic written on "special secret paper". In all this, I see a number of threats: they can be damaged or lost, someone can find them, they can be seized during an illegal customs inspection, etc. My security philosophy is based on the assumption that at some point, being in another country, I can lose all my things: devices, keys, papers, SIM cards. This can happen for completely different reasons. And I consider possible scenarios that would not violate the principles of security, but would not lead to a catastrophic loss of my entire digital life.
Hi Pete, thank you for the clear and helpful video! I was wondering if the same PIN and PUK codes can be used when registering an additional back-up key - or should a different PIN be used for each separate key?
Thanks for the video, really useful. I just purchased two keys. 1 primary and a backup. I have just registered my primary key using Yubikey Manager. Do I also set up the backup key, which will probably generate a different 48 digit Management code. Do I then add the two keys as 2 factory authentication onto the service available, like 1 Password? Just a little confused on how to set up 2 keys on Yubikey Manager. Any help appreciated. Thanks
This is a great guide to get started with mine, just one question though, Is the software only for initial setup? Can I use any instance of the software as long as I have the previous pins in order to change it? Also, I am planning on getting a backup key, is it best to get another of the same model or something else? (USB c / USB a) my phone supports nfc and I also need to use it with a pc, but on the other hand I may need to use with a apple device, so just wondering what the best practices are. Thank you!
Great Video! I am really new at this and a little confused. I purchased the Yubikey 5Ci (USB-C/lighting), YubiKey 5C NFC (USB-C), and Yubikey 5 NFC (USB). I purchase an extra one for each as a back up key. this gives me a total of 6 YubiKeys I have Windows 11 computer, a Macbook Pro (M1) with the most current update, iphone 13 max pro and Ipad. 12.9 pro (m1). What steps do I take to get started? How do I make a backup key? Ex I want to use it for 1 Password on all 4 devices. Do I have to do it for all six YubiKeys? Do I need to download the Yuvico software and/or app on my devices. Do I have to do them at the same time? As you see I am a little overwhelmed. Any help would be greatly appreciate. I looked on the site and it does not say any thing for different configuration when it is come to several devices. I hope I have not confused you. Thanks in advance Yor video is what made me purchase the YubiKeys.
What if you lost one Yubikey? I wish it lets you register second Yubikey as a backup like Dashlane used to do. Dashlane became worse after removing desktop app with their focus on web bs.
You need to insert the key everytime you use 1P? Within the day I use it dozens of times and it would be really inconvenient.... Also, for the mobile version, how are you doing?
You've probably found the answer to this already as your post was 6 months ago.. But no, you don't need to insert the key every time you want to use 1P. Only when you log in with a new device.
Great video Pete, but how on earth can I get 1password to ask for the Yubikey, only time it asked was the first time I logged in, is there any way I can set it up to ask me for the Yubikey, without deleting all cookies every time I close the browser.
Hi Pete, how can I get 1Password to ask for the Yubikey every time I log in, it only asked the first time or when i open a different browser and even then only the first time.
I have created a 1password account and got the yubikey. Not sure why 1password doesn’t always ask for the yubikey to be inserted? It only asked me once and doesn’t ask me everytime. In LastPass I was asked everytime to insert my yubikey. Do you know why 1password doesn’t always ask for yubikey if accessing it from the same machine ?
Thank you! Before I purchase one or two do you have a US affiliate address so you can get some credit? Also if I were to buy one which would you recommend? I was thinking the 5 NFC so I could use with phone and laptop even though my laptop on has usb-c but some others don't have this.
I was trying to. Set my yukey up with LastPass so this isn’t something that holds all your passwords this is like Google auth or instead of using your phone you use this key
Does using the Yubikey to secure 1 Password prevent 1 Passwords watchtower from being able to scan your vault unless you allow it to by touching your Yubikey?
Hi Pete, great video. I use 1Password and can’t help to think that any employee working at 1Password can easily get my Master Password from their own cloud and pull all of my vaults and passwords… what’s your thought on this? Cheers.
Your master password is used to encrypt your 1Password data on client side (on your device) and then the encrypted data is synced with their cloud servers. 1Password employees cannot see any of the data stored in your vaults unless you personally give an employee there your master password. Even if they wanted to look at your data that's stored in their cloud servers, all they would see if gibberish data because it's encrypted. You have nothing to worry about. Long story short, your master password is yours and is not sent to 1Password.
Doesn't this make your account less secure, as you are adding another method by which someone can access your account? Is there a way to enforce the requirement of a Yubikey, and reject the phone authenticator app method?
@@PeteMatheson if you have a key yubi key,that unlocks 1 password. Amd the key breaks or you loose it. How would you access your account at that point ?
Liked and subscribed. This is great but unfortunately it seems like a lot of financial institutions only work with sms 2FA, of course not all, but more than I had hoped. If that’s the case then does that mean there’s no way to use yubikeys with them?
Secure your 1Password masterpassword with Yubikey Static Password. You will have to plug in your Yubikey and press it to paste that password into 1Password to log in. Then use 1Password to log into those areas
@@GregoryEsman - If those financial institutions also supported yubikeys it will be lot more secure. Vanguard does it but schwab doesn't. Most banks don't.
You don't explain why we need add PIN to PIV? and what about FIDO? and OTP? what's the differences, why PIV and not others? What about the password on the yubikey authenticator app? what a mess!
@@PeteMatheson aha - I’m about as musical as a doorknob so wouldn’t have ever recognised it. So the yubikey is indeed somewhat useful in that case. Thanks for all the videos!
@@PeteMatheson Is it possible to use the yubikey every time you login to 1password? Not only once on a new deceive? Point is what if your main password is recorded by a keylogger and someone gained access to your computer, they can enter 1password on your computer. A always on 2fa would prevent that.
I was born and raised in Canada and am a native English speaker, but sometimes you just talk too fast. Especially when you get into the techy stuff it's hard to absorb when you're talking so fast. Chill.... and stay well, Cheers, Steve
You really should explain that when you say you are "Using Yubikey to secure your 1Password" you should be CLEAR and explain that what you actually mean is you are using Yubikey as a 2FA for Accessing your ONLINE 1Password Account.......NOT the version that someone may have installed on their LOCAL Machine. I really don't understand why people that are so concerned with SECURITY and PRIVACY have NO PROBLEM WHATSOEVER with uploading and storing their MOST SENSITIVE DATA - Such as PASSWORDS on the Server of a Private Company. I LOVE the 1Password Manager BUT I will STOP USING THEM when my current version is no longer supported by my OS. 1Password is making a BIG mistake by going to the Membership Model and people that support it are also making a BIG mistake. People are allowing these companies to have too much control and NO LIABILITY when something bad happens. But as usual, no one thinks about it until it's too late.
LOL. You clearly don't understand how encryption works. Every entry (password) stored "on the Server of a Private Company" is encrypted ... they can't read it.
1. Do I need a Yubikey only for connecting a new device or for daily unlocking?
2. Do I need to keep the Yubikey application in autoload all the time?
3. What happens if I lose my Yubikey?
1. Most of the time it's just for connecting a new device. It can depend on which services though.
2. No.
3. You can't log in. Always best to buy 2 Yubikeys and add both to each account when you set them up so you have a backup!
@@PeteMatheson Thank you. Your videos have taught me a lot about safety!
In general, any attachment to physical objects scares me. Whether it's physical keys or "Emergency Kit" printed on paper or a mnemonic written on "special secret paper". In all this, I see a number of threats: they can be damaged or lost, someone can find them, they can be seized during an illegal customs inspection, etc. My security philosophy is based on the assumption that at some point, being in another country, I can lose all my things: devices, keys, papers, SIM cards. This can happen for completely different reasons. And I consider possible scenarios that would not violate the principles of security, but would not lead to a catastrophic loss of my entire digital life.
Thanks for the video. What if for some reason the key is lost or gets damaged. What's the work around ?
That’s why you should get 2 as a minimum and add both of them to the account
@@PeteMatheson cool. Thanks. 👍
This is a great video. Do you need to use Yubikey to unlock passwords on mobile phones?
Thank you! No it’s just to sign in for the first time
Hi Pete, thank you for the clear and helpful video! I was wondering if the same PIN and PUK codes can be used when registering an additional back-up key - or should a different PIN be used for each separate key?
Thanks for the video, really useful.
I just purchased two keys. 1 primary and a backup. I have just registered my primary key using Yubikey Manager. Do I also set up the backup key, which will probably generate a different 48 digit Management code. Do I then add the two keys as 2 factory authentication onto the service available, like 1 Password? Just a little confused on how to set up 2 keys on Yubikey Manager. Any help appreciated. Thanks
Sorry - I have 2 x YubiKey 5C NFC’s
I learn so much watching your videos. Thanks!
This is a great guide to get started with mine, just one question though,
Is the software only for initial setup? Can I use any instance of the software as long as I have the previous pins in order to change it? Also, I am planning on getting a backup key, is it best to get another of the same model or something else? (USB c / USB a) my phone supports nfc and I also need to use it with a pc, but on the other hand I may need to use with a apple device, so just wondering what the best practices are.
Thank you!
is yubikey available for strongbox? (another password manager )
Great Video! I am really new at this and a little confused. I purchased the Yubikey 5Ci (USB-C/lighting), YubiKey 5C NFC (USB-C), and Yubikey 5 NFC (USB). I purchase an extra one for each as a back up key. this gives me a total of 6 YubiKeys I have Windows 11 computer, a Macbook Pro (M1) with the most current update, iphone 13 max pro and Ipad. 12.9 pro (m1). What steps do I take to get started? How do I make a backup key? Ex I want to use it for 1 Password on all 4 devices. Do I have to do it for all six YubiKeys? Do I need to download the Yuvico software and/or app on my devices. Do I have to do them at the same time? As you see I am a little overwhelmed. Any help would be greatly appreciate. I looked on the site and it does not say any thing for different configuration when it is come to several devices. I hope I have not confused you. Thanks in advance Yor video is what made me purchase the YubiKeys.
What if you lost one Yubikey? I wish it lets you register second Yubikey as a backup like Dashlane used to do. Dashlane became worse after removing desktop app with their focus on web bs.
It does let you add more than 1 key.
Thanks for this video!, question: can the yubikey used with 1Password desktop version?
@@PeteMatheson thanks for confirming!!
You need to insert the key everytime you use 1P? Within the day I use it dozens of times and it would be really inconvenient.... Also, for the mobile version, how are you doing?
You've probably found the answer to this already as your post was 6 months ago.. But no, you don't need to insert the key every time you want to use 1P. Only when you log in with a new device.
So you still need to sign in to 1Password? the yubikey don't work as the login checker?
It works as an extra layer of security, so yeah you still need to sign in initially 👍🏼
Great vid man! A question… can you use one Yubikey 5 NFC between an older MacBook Air and a PC running Windows 10? Thanks in advance.
@@PeteMatheson Thank you Pete!
Great video Pete, but how on earth can I get 1password to ask for the Yubikey, only time it asked was the first time I logged in, is there any way I can set it up to ask me for the Yubikey, without deleting all cookies every time I close the browser.
I have the same question. It appears that this is something that 1password doesn’t offer like last pass.
Hi Pete, how can I get 1Password to ask for the Yubikey every time I log in, it only asked the first time or when i open a different browser and even then only the first time.
Yaah, i too have the same question. Were you able to figure out?
I have created a 1password account and got the yubikey.
Not sure why 1password doesn’t always ask for the yubikey to be inserted? It only asked me once and doesn’t ask me everytime. In LastPass I was asked everytime to insert my yubikey.
Do you know why 1password doesn’t always ask for yubikey if accessing it from the same machine ?
Thank you! Before I purchase one or two do you have a US affiliate address so you can get some credit? Also if I were to buy one which would you recommend? I was thinking the 5 NFC so I could use with phone and laptop even though my laptop on has usb-c but some others don't have this.
@@PeteMatheson Or use the cheaper Security Key with also supports NFC and works great with 1Password
Now all we need is a discount code for Yubikey lol
hi, can i sign in to 1password with my secret key if i have forgotten my master password?
No, you'll need all 3 things to sign in (Username / key / master password)
Is there a way to do 2fa for offline vaults?
If anybody wants to just skip all the padding, jump to 2:20
I was trying to. Set my yukey up with LastPass so this isn’t something that holds all your passwords this is like Google auth or instead of using your phone you use this key
Does using the Yubikey to secure 1 Password prevent 1 Passwords watchtower from being able to scan your vault unless you allow it to by touching your Yubikey?
No
Hi Pete, great video.
I use 1Password and can’t help to think that any employee working at 1Password can easily get my Master Password from their own cloud and pull all of my vaults and passwords… what’s your thought on this? Cheers.
Your master password is used to encrypt your 1Password data on client side (on your device) and then the encrypted data is synced with their cloud servers. 1Password employees cannot see any of the data stored in your vaults unless you personally give an employee there your master password. Even if they wanted to look at your data that's stored in their cloud servers, all they would see if gibberish data because it's encrypted. You have nothing to worry about.
Long story short, your master password is yours and is not sent to 1Password.
@@KieranColfer Amazing Kieran, exactly what I needed to go full monty with 1Password. Thanks!
Doesn't this make your account less secure, as you are adding another method by which someone can access your account? Is there a way to enforce the requirement of a Yubikey, and reject the phone authenticator app method?
What happens if the security breaks or stops working. What do you do. Then ?
@@PeteMatheson if you have a key yubi key,that unlocks 1 password. Amd the key breaks or you loose it. How would you access your account at that point ?
@@ac7384 You should purchase and configure more than one Yubikey, then keep the spare in a secure place.
Liked and subscribed. This is great but unfortunately it seems like a lot of financial institutions only work with sms 2FA, of course not all, but more than I had hoped. If that’s the case then does that mean there’s no way to use yubikeys with them?
Secure your 1Password masterpassword with Yubikey Static Password. You will have to plug in your Yubikey and press it to paste that password into 1Password to log in. Then use 1Password to log into those areas
@@GregoryEsman wow thank you so much for the advice! I’m definitely going to do that!
@@GregoryEsman - If those financial institutions also supported yubikeys it will be lot more secure. Vanguard does it but schwab doesn't. Most banks don't.
A very valuable film. However, for those who know English at school level, you speak too fast: D
Shame the bio key doesn't support NFC at the moment
You don't explain why we need add PIN to PIV? and what about FIDO? and OTP? what's the differences, why PIV and not others? What about the password on the yubikey authenticator app? what a mess!
Sorry to bother, but is there a chance that you have any working link for the 1password discount? thanks in advance.
@@PeteMatheson yeap, none of the 1pass load
sorry, nevermind. using an VPN to US te redirect to the site works. :)
Is this more secure than using Touch ID / Face ID to unlock 1Password? Interesting “budgie smuggler” necklace by the way 😂
@@PeteMatheson aha - I’m about as musical as a doorknob so wouldn’t have ever recognised it. So the yubikey is indeed somewhat useful in that case. Thanks for all the videos!
@@PeteMatheson Is it possible to use the yubikey every time you login to 1password? Not only once on a new deceive? Point is what if your main password is recorded by a keylogger and someone gained access to your computer, they can enter 1password on your computer. A always on 2fa would prevent that.
Yeah xbox important in retirement home
Please, please, please, drop the background music. I can barely hear you and it's soooooo distracting! :(
I was born and raised in Canada and am a native English speaker, but sometimes you just talk too fast. Especially when you get into the techy stuff it's hard to absorb when you're talking so fast. Chill.... and stay well, Cheers, Steve
Talking at twice the speed of sound does not make you any more comprehensible....
You really should explain that when you say you are "Using Yubikey to secure your 1Password" you should be CLEAR and explain that what you actually mean is you are using Yubikey as a 2FA for Accessing your ONLINE 1Password Account.......NOT the version that someone may have installed on their LOCAL Machine. I really don't understand why people that are so concerned with SECURITY and PRIVACY have NO PROBLEM WHATSOEVER with uploading and storing their MOST SENSITIVE DATA - Such as PASSWORDS on the Server of a Private Company. I LOVE the 1Password Manager BUT I will STOP USING THEM when my current version is no longer supported by my OS. 1Password is making a BIG mistake by going to the Membership Model and people that support it are also making a BIG mistake. People are allowing these companies to have too much control and NO LIABILITY when something bad happens. But as usual, no one thinks about it until it's too late.
LOL. You clearly don't understand how encryption works. Every entry (password) stored "on the Server of a Private Company" is encrypted ... they can't read it.
No annoying music please!! It doesn’t make it better, it makes it worse!