How To Setup & Use Passkeys on Yubikey & Your Phone! - Full Walkthrough
Вставка
- Опубліковано 17 тра 2024
- Today we’ll setup a passkey on Ebay, then Google, then Paypal. Again, remember that this is a relatively new feature for consumer account protection online, so right now finding a site that uses passkeys is going to be hit or miss. Some sites do say they support passkeys but the implementation is a little glitchy, so for those sites I would recommend setting up 2FA instead.
I’ll show you how to set up a hardware bound passkey with my Yubikey, and then I will show you how to set up a passkey that is bound to your phone.
This episode is sponsored by Yubico!
Get $5 a Yubikey 5 NFC: www.yubi.co/shannon-2024
Get a Yubikey and protect your accounts! amzn.to/3S8BSLL *
Watch my Passkey episodes here! - • All About Passkeys
LINKS:
Who is using passkeys? www.passkeys.com/whos-using-it and passkeys.directory/
Passkeys FAQ: www.yubico.com/blog/a-yubico-...
www.yubico.com/blog/passkeys-...
Hardware Bound Passkey FAQ: www.techrepublic.com/article/...
FIDO2 and Passkeys: www.techrepublic.com/article/...
1Password now supports passkeys: www.techrepublic.com/article/...
FIDO White Paper: media.fidoalliance.org/wp-con...
fidoalliance.org/passkeys/#faq
How Long Does It Take To Brute Force A Password in 2023? www.hivesystems.io/blog/are-y...
Passkeys with Google: www.theverge.com/23712758/goo...
Passkey.org: passkey.org/#TABLE
FTC: Links marked with * are affiliate links, which means I make a small commission off any sales.
Becoming a Morse Code Member by checking out the perks linked here!:
/ @shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
SUBSCRIBE! 🌸 ua-cam.com/users/ShannonMorse?s...
TWITTER 🌸 / snubs
Patreon 🌸 / shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
SUPPORT MY WORK
Patreon 💛 / shannonmorse
Buy Me a Coffee 💛 www.buymeacoffee.com/snubs
Shop 💛 snubsie.com/shop
TeeSpring 💛 teespring.com/stores/morsecode
Coupon Codes 💛 snubsie.com/support
Tech I Use & Recommend 💛 kit.co/ShannonMorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
FOLLOW THE SOCIALS THINGS
Twitter 🌸 / snubs
Instagram 🌸 / snubs
UA-cam 🌸 ua-cam.com/users/ShannonMorse?s...
Website 🌸 www.shannonrmorse.com
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
TECH I USE AND RECOMMEND
My Kits, Builds, and Must Haves ✨ kit.co/ShannonMorse
My Amazon Influencer Page ✨ www.amazon.com/shop/shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
MY OTHER SHOWS
ThreatWire 🌙 ua-cam.com/users/hak5?sub_confi...
Sailor Snubs 🌙 ua-cam.com/users/sailorsnubs?s...
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
GET IN TOUCH
Mail ✈
snubsie.com/contact
Email for Business and Sponsorship Inquiries ✈ Shannon@ShannonRMorse.com
My Media Kit ✈ snubsie.com/work-with-me
Sponsor This Channel ✈ snubsie.com/shannon-morse
Music from 🎵 Epidemic Sound: www.epidemicsound.com/referra...
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
😍 FTC DISCLAIMER 😍
Affiliate links listed above allow me to receive a small commission. Any sponsorships for videos are noted in video and listed in descriptions. Any products provided as gifts are listed above. Thank you for your support!
Comment section code of conduct policy:
Constructive feedback is appreciated, but please leave unproductive, divisive and harmful conversation at the door. Hateful comments are not tolerated, and these kinds of messages will be automatically removed. Thank you for making this community a welcoming experience for all viewers :)
snubsie.com/code-of-conduct - Наука та технологія
Hi Shannon and others. PayPal and eBay sites don't allow registration of a backup security key and should be called out on it. It's recommended practice to register at least 2 hardware security keys. There's already a ticket about it on PayPal community support but seems to be ignored.
Hardware key got broken, no more access 😂
Well you can have a TOTP Code as a backup authenticator so there's at least that, but would be better just to allow many physical keys @@againstbulshit2895
For 2FA, on PayPal a security key IS the backup to using an authenticator app (TOTP) or vice-versa. Personally, I use the authenticator app 2FA on PayPal. Backing up the QR codes and installing them on new devices is easy and never limited by website rules or UI. I use a Yubikey for TOTP so I'm still retaining the "hardware kept secrets" aspect of a (FIDO) security key.
Shannon, your enthusiasm is Contagious! Keep Going, Girl! ☺️☺️☺️
Awesome series! I'd love to see more about Yubikeys. They have so much more options such as using it for PGP keys, and more. I'd love to hear your option and see a walk-through tutorial.
Hey Shannon, I really like the content you put out. It is very helpful to this old man. I’d love to see more iOS oriented content, if possible. Thanks for what you do!
I love when you upload security videos.I actually understand them
This is the best compliment. Thank you! I'm glad my videos are easy to understand 😁
Thanks for sharing. I enjoy your security content. Blessings on your day.
Thank you! You too!
Very helpful. Thanks for making the details simple. Shared with family.
Glad it was helpful! Miss you! You going to CES?
@@ShannonMorse I'm still weighing costs and sponsorship. Will let you know.
Clear as mud! Glitchy passkeys is an understatement.
Excelente! Thank you Shannon for this wonderful video! Would you please do a video on Norton Power Eraser, HitmanPro, and Kaspersky? I wish to see what your opinion is using these products. Thank you once again for your informative videos!!!
Nice work. How can you sign in via android? Any videos?
Love these videos to show how easy it is to secure those accounts Shannon. If only more websites make use of them.
I totally agree!
Shannon, I am about to upgrade one of my computers from Win 10 to 11. Will the yubikey that is registered to the 10 work on the 11? Or is that registration on the websites? Is there a need to make a short video on what to do if you upgrade or do a clean install of windows as it pertains to the current Yubikey?
Great explanation. I've started using HW keys only recently. Embarassing because I work in IT :) And I still find how it all works with all those options a bit confusing. Must be a nightmare for folks with non IT background.
Shannon, thank you for all the good videos! I have bought 2 keys and want to 'map out' my security plan before initiating the keys. One topic I can not find information on is running multiple authenticators on the same device. Thinking about retaining my Lastpass authenticator for sites that are less critical and adding the Yubico authenticator for use with physical passkey sites where higher levels of security are needed. Do you have any information place we can research this setup? Or suggestions? Thank You....
Love my Yubikey
Nice Shannon 😊
There seems to be a flaw with Adobe. I registered my yubikey as a passkey, put in my PIN from the Windows Security screen, touch the "Y" and it says it was setup successfully, but when I logout and login to try it, the Windows Security screen comes up and says the security key doesn't look familiar. I've setup a passkey on other sites with no problem. Wonder if you could try Adobe and see if you get the same thing.
Great video, thanks..... but I just missed the reason to buy/use Yubikey, when you might as well use ie. your mobile phone that you already have?? what are the added benefits of the Yubikey?
Hey, check out my passkey playlist! I did a video about the pros and cons of each version
I absolutely love this video. And I love how you showed how to do this with your phone step by step. There is just 2 things though that i wanted to ask. By any chance for passkey to work does your PC have to have Bluetooth capabilities? Secondly i have a Pixel 6A and have a passkey already set up for my phone but yet everytime I try to login i never get the prompt on my phone to verify my identity. I end up having to either use my password or use the QR code everytime just to login. Do you know by any chance is this something on my end or could it be on Google's end?
I'm wondering the same thing regarding the Bluetooth
Hi Shannon, another great video! I've just sent off for two Yubikeys (I used your site to get a discount, thanks). Can you have the same PIN on the primary key as the spare? or wouldn't you advise this?
You certainly can set them both up with the same PIN but I use different ones for each one. I have a memorization technique to remember each one.
How would I handle accessing an account on multiple devices? For example, if I secured my Google account with a passkey, either a Yubikey or my iPhone, how would I then log into that Google account on my smart TV or cable box for Android TV?
From your phone as it's done now :)
I’m an owner of the 5c nfc.
Still can’t figure out from your videos what the difference between passkeys and hardware keys is, I imagine both require sticking or tapping your Yubikey. Listening to you from Poland 🇵🇱 🎉
Hello Shannon. Please respond. I have two 5 series yubikeys and need just a little clarification. While using a 5 series yubikey is there a way to use my key with accounts like B of A..... that don't offer anything but 2FA sms? I keep hearing on other yubikey videos that the 5 series offers multiple uses. Am I missing something?
Thanks
Great video, but I have one question, how do I get a phone into the device list like it is shown in video at 6:51. On my iMAC I get only liste my old mobile, for my new pixel8 I have always go via the "use different phone or tablet" option. Even after going multiple times through it an tick the "remember that computer " checkbox it will not shown. When I click on manage devices button I see just my old phone in m devices and not the Pixel8 as well there is no way to add or remove a device.
Hi Shannon - I just followed your instructions to add my Yubikey to eBay - awesome! HOWEVER - they do not seem to have the ability to a a backup key - any suggestions?
Great job thanks for the info you really know you're stuff keep being you"😊 have a blessed and amazing day.🌞 👍 👍 💯
Thanks, you too!
I have the Yubikey 5 nfc. is this the updated version of the setup? getting kind of confused here..
I tried to set it up on ebay but it doesn't give me the options for passkey . I set up passkeys in one Google account but it will not let me set it up on the other one on this device . phone only .
Thats for the video, so passkey would replace the security key feature ? I now have my yubikeys setup with my google account but no passkey, this I did setup in bitwarden. One reason for that was the limit of 25 passkeys storable on yubikey itself, while I still have them set as security keys to my bitwarden account.
I have learned that when setting up TOTP to select the "I can't scan the QR code" option and to get the seed directly. I setup the Yubico for TOTP using the seed I input. I securely record the seed so I can repeat this on my backup Yubico as sites don't allow multiple TOTPs.
That's a smart and useful tip!
❤❤have a great weekend ❤❤
GM Shannon, Stay Safe in Denver., J
Does yubi work with Brave?
4:58 hahaha :P love when you do that
9:20 SOOOOOOOOOOOOOOOO TRUEEEEEEEE!!!!!!! XD
Would I be about to use a Security Key C NFC The YubiKey 5 C NFC to create passkeys for my APPs and Websites? Or do I need to get The YubiKey 5 C NFC. What would be the reason way I would want to get The YubiKey 5 C NFC over the Security Key C NFC
Can someone help me with passkey not saving into the same file? It keeps making new files and not syncing
I understand Passkey is relatively new. But, if I use Passkey with a website. Shouldn’t the website let me delete my password? I’m still vulnerable if they’re hacked and my password is stolen? Correct? This assumes I’m not using 2FA. Am I missing something?
I was wondering the same thing
It depends on how they manage the security features on the website. If there is no option to disable the password best you can do is use a password manager to create a really long password and only use it as backup.
U2F is still two step. They’d need both the password and key to get into the account. What’s so difficult to understand?
No option to setup FIDO key on ebay. Are they still working on it?
Nice videos. I do not get the point of storing a passkey on a device that is protected by a digit PIN. So, 4 digits and you're compromised. So in this case, phone seems more secure (if it does not fallback to a PIN). Or maybe a hardware key with a fingerprint, I'll check for that.
What do you do if you have forgotten the pin number? Is there a way to reset it?
The pin number on the yubikey has to be reset, therefore it will wipe the key itself of any certificates, otp, static passwords, etc that have been setup. Gotta start over at that point.
@@tcasexJames, have you downloaded the Yubikey Manager app from the web site?
I got a Ybikey a few months ago and set up a second Gmail account to test it out. It never asked for a pin.
Some websites won't require the pin on your yubikey.
passkey without GAFAM product ?
On desktop Gmail asks for my username and password. I want it to use my phone and fingerprint. I click to create a passkey and I get the windows security message asking me to insert a usb key. I don't get the option to use my phone. I have 2 factor authentication via USB as well. I'm a bit confused at how to set this up and various videos always show the option to choose your phone.
More security or less privacy?
What if I change my phone service from Apple to Android or vice versa. Am I locked into that eco system? How do I port passkeys back and forth systems. I don't think it is possible. If it is do share. Also those that use public libraries computers need not apply so this creates a rift in society for those that have and those that have not. Passwords will be around for a long long time until that can be resolved.
Comment for engagement
I like your videos, but I can hardly read what you try to show us. The text/writing is so small.
Most of your videos are on or about PC’s. Why don’t you do one or several on or about Yubico keys for Apple products.
Most of my audience is Windows/Linux/Android and Apple videos don't get a lot of views. I also only have an iPhone, no other Mac products. I may delve into apple products more if there is enough audience base to justify the cost of the products. I would need to purchase them as apple wouldn't send them.
I can’t believe how confusing this is,,,,
It’s not? It’s the easiest 2FA option
firefox pls update yourself ; __ ;
SEEING YOU GET SO EXCITED OVER YUBIKEYS sHannon I'll send you a couple for Christmas
no need! I have too many haha