Hi Shannon and others. PayPal and eBay sites don't allow registration of a backup security key and should be called out on it. It's recommended practice to register at least 2 hardware security keys. There's already a ticket about it on PayPal community support but seems to be ignored.
Well you can have a TOTP Code as a backup authenticator so there's at least that, but would be better just to allow many physical keys @@againstbulshit2895
For 2FA, on PayPal a security key IS the backup to using an authenticator app (TOTP) or vice-versa. Personally, I use the authenticator app 2FA on PayPal. Backing up the QR codes and installing them on new devices is easy and never limited by website rules or UI. I use a Yubikey for TOTP so I'm still retaining the "hardware kept secrets" aspect of a (FIDO) security key.
Awesome series! I'd love to see more about Yubikeys. They have so much more options such as using it for PGP keys, and more. I'd love to hear your option and see a walk-through tutorial.
Hey Shannon, I really like the content you put out. It is very helpful to this old man. I’d love to see more iOS oriented content, if possible. Thanks for what you do!
I have learned that when setting up TOTP to select the "I can't scan the QR code" option and to get the seed directly. I setup the Yubico for TOTP using the seed I input. I securely record the seed so I can repeat this on my backup Yubico as sites don't allow multiple TOTPs.
Great explanation. I've started using HW keys only recently. Embarassing because I work in IT :) And I still find how it all works with all those options a bit confusing. Must be a nightmare for folks with non IT background.
@@nadya4315 A lot of services I've used force you to use a secondary method for authentication. For example, one time codes. So you should be ok while loosing only a passkey. But true, you need to store those somewhere safe.
@@nadya4315 Almost every service I've used don't allow you to use only 1 method of authentication when you use this 2FA or key. So they wanted me setup a second HW key or one-time login codes or something. So if you loose your primary passkey you can still login with a second method. I hope it helps :)
I may be biased, but your hair always looks best when it has some blue or purple. Anyway, great video and I can totally relate to the productive feeling when securing one's accounts. Keep up the valuable content. Cheers.
How would I handle accessing an account on multiple devices? For example, if I secured my Google account with a passkey, either a Yubikey or my iPhone, how would I then log into that Google account on my smart TV or cable box for Android TV?
I’m an owner of the 5c nfc. Still can’t figure out from your videos what the difference between passkeys and hardware keys is, I imagine both require sticking or tapping your Yubikey. Listening to you from Poland 🇵🇱 🎉
Shannon, I am about to upgrade one of my computers from Win 10 to 11. Will the yubikey that is registered to the 10 work on the 11? Or is that registration on the websites? Is there a need to make a short video on what to do if you upgrade or do a clean install of windows as it pertains to the current Yubikey?
Hi Shannon - I just followed your instructions to add my Yubikey to eBay - awesome! HOWEVER - they do not seem to have the ability to a a backup key - any suggestions?
I understand Passkey is relatively new. But, if I use Passkey with a website. Shouldn’t the website let me delete my password? I’m still vulnerable if they’re hacked and my password is stolen? Correct? This assumes I’m not using 2FA. Am I missing something?
It depends on how they manage the security features on the website. If there is no option to disable the password best you can do is use a password manager to create a really long password and only use it as backup.
I tried to set it up on ebay but it doesn't give me the options for passkey . I set up passkeys in one Google account but it will not let me set it up on the other one on this device . phone only .
Excelente! Thank you Shannon for this wonderful video! Would you please do a video on Norton Power Eraser, HitmanPro, and Kaspersky? I wish to see what your opinion is using these products. Thank you once again for your informative videos!!!
Shannon, thank you for all the good videos! I have bought 2 keys and want to 'map out' my security plan before initiating the keys. One topic I can not find information on is running multiple authenticators on the same device. Thinking about retaining my Lastpass authenticator for sites that are less critical and adding the Yubico authenticator for use with physical passkey sites where higher levels of security are needed. Do you have any information place we can research this setup? Or suggestions? Thank You....
Thats for the video, so passkey would replace the security key feature ? I now have my yubikeys setup with my google account but no passkey, this I did setup in bitwarden. One reason for that was the limit of 25 passkeys storable on yubikey itself, while I still have them set as security keys to my bitwarden account.
Nice videos. I do not get the point of storing a passkey on a device that is protected by a digit PIN. So, 4 digits and you're compromised. So in this case, phone seems more secure (if it does not fallback to a PIN). Or maybe a hardware key with a fingerprint, I'll check for that.
Great video, but I have one question, how do I get a phone into the device list like it is shown in video at 6:51. On my iMAC I get only liste my old mobile, for my new pixel8 I have always go via the "use different phone or tablet" option. Even after going multiple times through it an tick the "remember that computer " checkbox it will not shown. When I click on manage devices button I see just my old phone in m devices and not the Pixel8 as well there is no way to add or remove a device.
Hi Shannon, another great video! I've just sent off for two Yubikeys (I used your site to get a discount, thanks). Can you have the same PIN on the primary key as the spare? or wouldn't you advise this?
I found the same to be true. I contacted Ebay this morning and was told PASSKEYS are only available for Business Accounts and Ebay Store Accounts, not Personal Accounts. Today is Aug 10, 2024. Instead of Passkeys, I opted to use the YubiKey for 2FA Authentication in combination with the Yubico Authenticator App. Seems to work just fine.
Great video, thanks..... but I just missed the reason to buy/use Yubikey, when you might as well use ie. your mobile phone that you already have?? what are the added benefits of the Yubikey?
Would I be about to use a Security Key C NFC The YubiKey 5 C NFC to create passkeys for my APPs and Websites? Or do I need to get The YubiKey 5 C NFC. What would be the reason way I would want to get The YubiKey 5 C NFC over the Security Key C NFC
I absolutely love this video. And I love how you showed how to do this with your phone step by step. There is just 2 things though that i wanted to ask. By any chance for passkey to work does your PC have to have Bluetooth capabilities? Secondly i have a Pixel 6A and have a passkey already set up for my phone but yet everytime I try to login i never get the prompt on my phone to verify my identity. I end up having to either use my password or use the QR code everytime just to login. Do you know by any chance is this something on my end or could it be on Google's end?
Hello Shannon. Please respond. I have two 5 series yubikeys and need just a little clarification. While using a 5 series yubikey is there a way to use my key with accounts like B of A..... that don't offer anything but 2FA sms? I keep hearing on other yubikey videos that the 5 series offers multiple uses. Am I missing something? Thanks
It appears it's really up to the individual businesses to decide what security they choose to make available to users. For example, in this video she setup Ebay as a PASSKEY. I went to my Ebay account to do the same and could not find anything referencing PASSKEYS for Personal Accounts. I contacted Ebay and they confirmed that PASSKEYS are only available on Business Accounts and Store Accounts. So I just used my key to login with the 2FA Authentication they have available. I suspect many companies will eventually make Passkey use available, but until they do, a Hardware physical YubiKey + Yubico Authenticator for 2FA is likely the next most secure way to protect your account. Once you have it setup this way, you may want to physically copy the QR Code Page and print it out for every account as you introduce the YubiKey as well as print out a copy of the "Backup Codes" and keep them safe just in case. Once you do that, you can remove or disable all other types of account login 2FA methods so your account becomes relatively bullet proof unless someone has your physical Yubikey in hand.
There seems to be a flaw with Adobe. I registered my yubikey as a passkey, put in my PIN from the Windows Security screen, touch the "Y" and it says it was setup successfully, but when I logout and login to try it, the Windows Security screen comes up and says the security key doesn't look familiar. I've setup a passkey on other sites with no problem. Wonder if you could try Adobe and see if you get the same thing.
The pin number on the yubikey has to be reset, therefore it will wipe the key itself of any certificates, otp, static passwords, etc that have been setup. Gotta start over at that point.
I have not seen a key that does both USB A and USB C. They are two separate keys or you can buy either one and then purchase an adapter to plug it into to switch to the other style port. I have the YubiKey 5 NFC, and I purchased an adapter to go from USB-A to USB-C. Got them on Ebay. Hope this helps.
On desktop Gmail asks for my username and password. I want it to use my phone and fingerprint. I click to create a passkey and I get the windows security message asking me to insert a usb key. I don't get the option to use my phone. I have 2 factor authentication via USB as well. I'm a bit confused at how to set this up and various videos always show the option to choose your phone.
What if I change my phone service from Apple to Android or vice versa. Am I locked into that eco system? How do I port passkeys back and forth systems. I don't think it is possible. If it is do share. Also those that use public libraries computers need not apply so this creates a rift in society for those that have and those that have not. Passwords will be around for a long long time until that can be resolved.
Most of my audience is Windows/Linux/Android and Apple videos don't get a lot of views. I also only have an iPhone, no other Mac products. I may delve into apple products more if there is enough audience base to justify the cost of the products. I would need to purchase them as apple wouldn't send them.
Hi Shannon and others. PayPal and eBay sites don't allow registration of a backup security key and should be called out on it. It's recommended practice to register at least 2 hardware security keys. There's already a ticket about it on PayPal community support but seems to be ignored.
Hardware key got broken, no more access 😂
Well you can have a TOTP Code as a backup authenticator so there's at least that, but would be better just to allow many physical keys @@againstbulshit2895
For 2FA, on PayPal a security key IS the backup to using an authenticator app (TOTP) or vice-versa. Personally, I use the authenticator app 2FA on PayPal. Backing up the QR codes and installing them on new devices is easy and never limited by website rules or UI. I use a Yubikey for TOTP so I'm still retaining the "hardware kept secrets" aspect of a (FIDO) security key.
Shannon, your enthusiasm is Contagious! Keep Going, Girl! ☺️☺️☺️
I love when you upload security videos.I actually understand them
This is the best compliment. Thank you! I'm glad my videos are easy to understand 😁
Awesome series! I'd love to see more about Yubikeys. They have so much more options such as using it for PGP keys, and more. I'd love to hear your option and see a walk-through tutorial.
Hey Shannon, I really like the content you put out. It is very helpful to this old man. I’d love to see more iOS oriented content, if possible. Thanks for what you do!
Clear as mud! Glitchy passkeys is an understatement.
I have learned that when setting up TOTP to select the "I can't scan the QR code" option and to get the seed directly. I setup the Yubico for TOTP using the seed I input. I securely record the seed so I can repeat this on my backup Yubico as sites don't allow multiple TOTPs.
That's a smart and useful tip!
Thank you so much for what you've done over the years Shannon !!!
Great explanation. I've started using HW keys only recently. Embarassing because I work in IT :) And I still find how it all works with all those options a bit confusing. Must be a nightmare for folks with non IT background.
What if I lost my passkey ? It means I wouldn’t restore access to email?
@@nadya4315 A lot of services I've used force you to use a secondary method for authentication. For example, one time codes. So you should be ok while loosing only a passkey. But true, you need to store those somewhere safe.
@@nadya4315 Almost every service I've used don't allow you to use only 1 method of authentication when you use this 2FA or key. So they wanted me setup a second HW key or one-time login codes or something. So if you loose your primary passkey you can still login with a second method. I hope it helps :)
I may be biased, but your hair always looks best when it has some blue or purple.
Anyway, great video and I can totally relate to the productive feeling when securing one's accounts.
Keep up the valuable content.
Cheers.
💜💚❤I absolutely love you hair!! ❤💚💜Totally AWESOME!! Great job. It must have taken a lot of time, talent, and skill to make it look so good.
Totally AWESOME video and information. Thank you so much Shannon.
You are so welcome!
How would I handle accessing an account on multiple devices? For example, if I secured my Google account with a passkey, either a Yubikey or my iPhone, how would I then log into that Google account on my smart TV or cable box for Android TV?
From your phone as it's done now :)
I’m an owner of the 5c nfc.
Still can’t figure out from your videos what the difference between passkeys and hardware keys is, I imagine both require sticking or tapping your Yubikey. Listening to you from Poland 🇵🇱 🎉
Is the yubiko key attached to the computer?
Love these videos to show how easy it is to secure those accounts Shannon. If only more websites make use of them.
I totally agree!
Shannon, I am about to upgrade one of my computers from Win 10 to 11. Will the yubikey that is registered to the 10 work on the 11? Or is that registration on the websites? Is there a need to make a short video on what to do if you upgrade or do a clean install of windows as it pertains to the current Yubikey?
Thanks for sharing. I enjoy your security content. Blessings on your day.
Thank you! You too!
Very helpful. Thanks for making the details simple. Shared with family.
Glad it was helpful! Miss you! You going to CES?
@@ShannonMorse I'm still weighing costs and sponsorship. Will let you know.
Hi Shannon - I just followed your instructions to add my Yubikey to eBay - awesome! HOWEVER - they do not seem to have the ability to a a backup key - any suggestions?
I understand Passkey is relatively new. But, if I use Passkey with a website. Shouldn’t the website let me delete my password? I’m still vulnerable if they’re hacked and my password is stolen? Correct? This assumes I’m not using 2FA. Am I missing something?
I was wondering the same thing
It depends on how they manage the security features on the website. If there is no option to disable the password best you can do is use a password manager to create a really long password and only use it as backup.
U2F is still two step. They’d need both the password and key to get into the account. What’s so difficult to understand?
Hey Scot
I was thinking the exact same thing
Has anyone been able to answer that issue which seems to defeat the idea of having a yubikey.
4:58 hahaha :P love when you do that
9:20 SOOOOOOOOOOOOOOOO TRUEEEEEEEE!!!!!!! XD
GM Shannon, Stay Safe in Denver., J
I have the Yubikey 5 nfc. is this the updated version of the setup? getting kind of confused here..
I tried to set it up on ebay but it doesn't give me the options for passkey . I set up passkeys in one Google account but it will not let me set it up on the other one on this device . phone only .
Excelente! Thank you Shannon for this wonderful video! Would you please do a video on Norton Power Eraser, HitmanPro, and Kaspersky? I wish to see what your opinion is using these products. Thank you once again for your informative videos!!!
Shannon, thank you for all the good videos! I have bought 2 keys and want to 'map out' my security plan before initiating the keys. One topic I can not find information on is running multiple authenticators on the same device. Thinking about retaining my Lastpass authenticator for sites that are less critical and adding the Yubico authenticator for use with physical passkey sites where higher levels of security are needed. Do you have any information place we can research this setup? Or suggestions? Thank You....
SEEING YOU GET SO EXCITED OVER YUBIKEYS sHannon I'll send you a couple for Christmas
no need! I have too many haha
Nice work. How can you sign in via android? Any videos?
Thats for the video, so passkey would replace the security key feature ? I now have my yubikeys setup with my google account but no passkey, this I did setup in bitwarden. One reason for that was the limit of 25 passkeys storable on yubikey itself, while I still have them set as security keys to my bitwarden account.
I have hardware Security key from yubikey but I can’t seem to get iPad Pro 12.9 get to scan it with NFC. Does iPad Pro have NFC ??
Hi I set up passkey but not showing as done with yt green check why??
Nice Shannon 😊
Does the PC you hold your phone near have to have bluetooth in order to detect passkey on phone? As mine doesn't pop up with anything.
Nice videos. I do not get the point of storing a passkey on a device that is protected by a digit PIN. So, 4 digits and you're compromised. So in this case, phone seems more secure (if it does not fallback to a PIN). Or maybe a hardware key with a fingerprint, I'll check for that.
Love my Yubikey
I like your videos, but I can hardly read what you try to show us. The text/writing is so small.
is the Biometrics route required for google accounts or could you have done it via the Yubikey instead?
I'm using the standard YubiKey 5 NFC key on Google using passkeys. It works just fine.
Great video, but I have one question, how do I get a phone into the device list like it is shown in video at 6:51. On my iMAC I get only liste my old mobile, for my new pixel8 I have always go via the "use different phone or tablet" option. Even after going multiple times through it an tick the "remember that computer " checkbox it will not shown. When I click on manage devices button I see just my old phone in m devices and not the Pixel8 as well there is no way to add or remove a device.
Hi Shannon, another great video! I've just sent off for two Yubikeys (I used your site to get a discount, thanks). Can you have the same PIN on the primary key as the spare? or wouldn't you advise this?
You certainly can set them both up with the same PIN but I use different ones for each one. I have a memorization technique to remember each one.
No option to setup FIDO key on ebay. Are they still working on it?
I found the same to be true. I contacted Ebay this morning and was told PASSKEYS are only available for Business Accounts and Ebay Store Accounts, not Personal Accounts. Today is Aug 10, 2024. Instead of Passkeys, I opted to use the YubiKey for 2FA Authentication in combination with the Yubico Authenticator App. Seems to work just fine.
Great job thanks for the info you really know you're stuff keep being you"😊 have a blessed and amazing day.🌞 👍 👍 💯
Thanks, you too!
Does yubi work with Brave?
Great video, thanks..... but I just missed the reason to buy/use Yubikey, when you might as well use ie. your mobile phone that you already have?? what are the added benefits of the Yubikey?
Hey, check out my passkey playlist! I did a video about the pros and cons of each version
Would I be about to use a Security Key C NFC The YubiKey 5 C NFC to create passkeys for my APPs and Websites? Or do I need to get The YubiKey 5 C NFC. What would be the reason way I would want to get The YubiKey 5 C NFC over the Security Key C NFC
More security or less privacy?
I absolutely love this video. And I love how you showed how to do this with your phone step by step. There is just 2 things though that i wanted to ask. By any chance for passkey to work does your PC have to have Bluetooth capabilities? Secondly i have a Pixel 6A and have a passkey already set up for my phone but yet everytime I try to login i never get the prompt on my phone to verify my identity. I end up having to either use my password or use the QR code everytime just to login. Do you know by any chance is this something on my end or could it be on Google's end?
I'm wondering the same thing regarding the Bluetooth
Yeah, I'm thinking that Bluetooth IS required. Unfortunately, my PC doesn't have Bluetooth, so it's a no go for using that method for me.
I accidentally made my login key very long am I able to change that?
Hello Shannon. Please respond. I have two 5 series yubikeys and need just a little clarification. While using a 5 series yubikey is there a way to use my key with accounts like B of A..... that don't offer anything but 2FA sms? I keep hearing on other yubikey videos that the 5 series offers multiple uses. Am I missing something?
Thanks
It appears it's really up to the individual businesses to decide what security they choose to make available to users. For example, in this video she setup Ebay as a PASSKEY. I went to my Ebay account to do the same and could not find anything referencing PASSKEYS for Personal Accounts. I contacted Ebay and they confirmed that PASSKEYS are only available on Business Accounts and Store Accounts. So I just used my key to login with the 2FA Authentication they have available. I suspect many companies will eventually make Passkey use available, but until they do, a Hardware physical YubiKey + Yubico Authenticator for 2FA is likely the next most secure way to protect your account. Once you have it setup this way, you may want to physically copy the QR Code Page and print it out for every account as you introduce the YubiKey as well as print out a copy of the "Backup Codes" and keep them safe just in case. Once you do that, you can remove or disable all other types of account login 2FA methods so your account becomes relatively bullet proof unless someone has your physical Yubikey in hand.
There seems to be a flaw with Adobe. I registered my yubikey as a passkey, put in my PIN from the Windows Security screen, touch the "Y" and it says it was setup successfully, but when I logout and login to try it, the Windows Security screen comes up and says the security key doesn't look familiar. I've setup a passkey on other sites with no problem. Wonder if you could try Adobe and see if you get the same thing.
What do you do if you have forgotten the pin number? Is there a way to reset it?
The pin number on the yubikey has to be reset, therefore it will wipe the key itself of any certificates, otp, static passwords, etc that have been setup. Gotta start over at that point.
@@tcasexJames, have you downloaded the Yubikey Manager app from the web site?
That was a clear as mud
WITCH ONE DO I BUY TO DESKTOP PC WITH USB THAT DOES HAVE USB -C ON NOT SURE WHAT I LOOKING FOR CAN I JUST HELP WITH THAT NAME OF THE LOOKING FOR TY
I have not seen a key that does both USB A and USB C. They are two separate keys or you can buy either one and then purchase an adapter to plug it into to switch to the other style port. I have the YubiKey 5 NFC, and I purchased an adapter to go from USB-A to USB-C. Got them on Ebay. Hope this helps.
My Yubikey only stores 5 passkeys, Token2 stores 300. Still a strange low limit
On desktop Gmail asks for my username and password. I want it to use my phone and fingerprint. I click to create a passkey and I get the windows security message asking me to insert a usb key. I don't get the option to use my phone. I have 2 factor authentication via USB as well. I'm a bit confused at how to set this up and various videos always show the option to choose your phone.
❤❤have a great weekend ❤❤
passkey without GAFAM product ?
Can someone help me with passkey not saving into the same file? It keeps making new files and not syncing
What if I change my phone service from Apple to Android or vice versa. Am I locked into that eco system? How do I port passkeys back and forth systems. I don't think it is possible. If it is do share. Also those that use public libraries computers need not apply so this creates a rift in society for those that have and those that have not. Passwords will be around for a long long time until that can be resolved.
I got a Ybikey a few months ago and set up a second Gmail account to test it out. It never asked for a pin.
Some websites won't require the pin on your yubikey.
Most of your videos are on or about PC’s. Why don’t you do one or several on or about Yubico keys for Apple products.
Most of my audience is Windows/Linux/Android and Apple videos don't get a lot of views. I also only have an iPhone, no other Mac products. I may delve into apple products more if there is enough audience base to justify the cost of the products. I would need to purchase them as apple wouldn't send them.
Comment for engagement
I can’t believe how confusing this is,,,,
It’s not? It’s the easiest 2FA option
firefox pls update yourself ; __ ;
HONEY. I. HAVE BEEN TRYING FOR OVER A WEEK,,AND DOESNT ACCEP ANY PASSWORD,,,Everybody HAS BEEN. COMPLAINIG ABOUT IT. TOO ,,COMPLICATED