i've recently been attacked by who knows who in the online world, and have been getting emails about suspicious people trying to sign in, or successfully signing into my accounts. i've had to outright shut down two accounts on different websites, and am going full blown max security on everything. its been annoying to deal with this new security stuff, but i feel safer and less vulnerable.
@@JenniferIsselPhilly Don't back ANYTHING to a server that you do not control. Google, Micropuke, Apple, Yahoo, doesn't matter. You want YOUR data to remain under only YOUR control. Unfortunately most of John Q do not possess backup skills because they have no way of retaining reliable back up data.
2FA is vulnerable and this method give information to Google regarding your other devices; which it will now tie into its analysis of who and where you are, where you go, who you know, and all other issues Google should not be monitoring
I think that risks to privacy are something different than risks of account takeover. By using Firefox, you get a prompt that says "[service provider] is requesting extended information about your security key, which may effect your privacy. Firefox can anonymize this for you, but the website might decline this key." This can help mitigate leaking the certificate serial number in the metadata, IIRC. By using a security key you also practically eliminate the phishing risks. This is because the cryptographic response generated by the security key is only valid for the original domain associated with the account.
I don’t trust Google with my privacy, and definitely not with my emails. I have one anonymous Google account just for my UA-cam, and a totally different anonymous account for Google maps, that’s it. Great channel by the way 👍🏼
How did you get around the age restrictions on Google account if you haven't confirmed age through a card purchase etc please?....been limited to under 13 vids on UA-cam because I won't provide a card to confirm ID?...have you had this issue too?😊
@@kittin9018 create a google account with an appropriate age. if it's mandatory due to the country you live in spoof your location with a VPN or TOR. the verify with card mechanism only serves to connect yet another unique identifier to your on-line fingerprint. google couldn't care less about your kids, but if they don't separate them, they can't use watch and search data to focus advertising, because that is illegal to do to children in most countries.
Hey bud great video, thank you for the tips. I'll give you a tip in return. The mic you are using is meant to have the audio come in the front, not the top. So you would want to flip the mic up and speak into the front of the mic. Just make sure you are speaking into the front and not the back. Your audio will improve GREATLY if you do that. I'm a professional audio engineer so recording and mixing is my profession! Anyway, just a friendly tip. Thanks again for the video!
Just to point out. I had zero issues with the audio in this video. Found absolutely no issue hearing/understanding everything he said. I think tips are fine. Just wanted to point out the quality was great 👍
@@tnekkralc8080 Noone is saying it wasn't. The audio quality is not great. Maybe to you, it sounds ok. There is nothing wrong with the audio the way it is tho. Never said there was. Did you even read the comment? I didn't criticize the man! I gave him a professional sound tip just like he is giving up professional tips. I was returning the favor. No one said anything like that. 🤦🏻♂
@@matt_nyc_audioengineer Okay. Thanks. You (and the other guy) heard things that I didn't hear. Not sure if you had your volume on blast or what. LoL. Great tips. Just try not to get offended when others leave feedback, TOO. LoL
I was already doing all this but it never hurts to revisit things just to stay current on security. Great video -- short, concise, clear and good visual examples provided. No fluff, no crap, just solid information that everyone should know. Just one thing ... follow Matthew Kutoloski's advice on your mic. Some people watch YT videos on their phones, some of us use much more complicated equipment. I'm one of the latter.
hey! really good and educational video! incredibly useful for anyone. one crucial thing though; don't use your mobile phone number for 2FA or as a recovery method in general! whatever you do, don't do it! don't use your phone number as a recovery method anywhere on any platform at all! it allows for "sim-swapping" attacks to take place and be used to gain access to everything you use your phone number for. keep this in mind wherever you sign up! you should make a video about this and "sim-swapping" in general. ❤️
Fantastic!! A 2FA key is what I need. I was thinking that today. I forgot my password to my Nordpass. What a headache. Still waiting for them to contact me. Good thing I have biometrics on the phone. I've been wishing I had one on my laptop.😁
A good video. Too many people have insecure Gmail accounts. I personally don't use Gmail. I was forced to use one for UA-cam way back to comment on UA-cam but if I could remove the connection to my hotmail account I would.
I have 2 email accounts for the Tube. They are never used for anything else. Only sent mail to them on the first day each was created. No traffic to search.
Thanks! I've been thinking about a 2FA physical key, and this has solidified my intent! Quick question, can one buy a fancy fingerprint 2Fa key as primary device and then use a cheaper device with fewer features as a backup? Also, must the 2 devices be from the same mfgr?
I Always appreciate the easy to follow format & encouraging tone of your demeanor🙏🏾 If you were my teacher when I went to IT school, l would've actually learned something and had a career instead of getting jerked around for over 2ys!🤷🏾♂️🤦🏾♂️ The school wanted my program's money much more than they wanted to teach me😒🤑
1/21/2024 It looked like Google does not offer 2FA via an authenticator app as it only showed [text message, security key, other device prompt] as choices, but after setting "other device prompt" it let me do text message as a secondary backup and then gave authenticator app (they wanted it to be their own but Authy worked) as another secondary verification. Don't know why they don't give it as one of the initial choices.
Great information! I understand that these measures help secure my data from 3rd party access, but my only question is, do these steps prevent Google from accessing or using my information? I doubt it, yet they are arguably one of the most egregious offenders of data privacy.
Hey guys, one great way to support this channel (and improve your own security) is to grab a 2FA key from Yubico, the sponsor of this video. Find the right key for you: geni.us/yubico-store
What do you do about wear and tear on the yubikey? If I kept it on my key chain, I’d image a year later it would fall apart or be gross. You should make a video on tips for transporting your yubikey on the go.
Interesting idea! I've had mine on my keychain for a couple years now and haven't had any problems. But again, I think that speaks to the importance of having a backup that ISN'T kept in your pocket and scratched up all the time :)
I was concerned about the same issue - I use a "Cozy" USB-A cap > both it & the Yubikey are attached to the same small metal ring and the Cozy is flexible, fits snug on the male USB-A tab. So far, works great.
After losing access to my gmail account in 2018, I knew I had to move to 2FA. I tried sending a physical letter to Google telling them what happened (and that the automated system refused to recognize me for some reason), but never received a reply from them. I lost 13 YEARS worth of email, and unfortunately, a link to someone close to me. (This also made me realize I need a minimum of TWO ways to contact people I care about, and not just via email.) Tough way to be forced into using 2FA, but now it seems every service is using it anyway.
Your content is simply amazing. I would just want to ask you that is there any contacts app or something like that where we can sync and store our contacts on any cloud or something as currently we save our contacts on google which immediately syncs it to all devices. This would be a great work around to de-google ourselves.
Josh, My partner lives on her iphone and she refuses to use a password manager or any 2FA her reason is she doesn't want to complicate her life. Is there anything that can protect her phone but yet be simple. I believe she feels that there is no need for all this protection as it just complicates your life. She has access to one of my accounts and I had to change the password to something simple so she could remember it. Thanks for your help Jessica
Can you talk about the yubikey primary and backup? Is it just two yubikeys set up independently or do. you do something to copy the contents of the primary onto the backup? I like the idea of yubikey but am afraid of losing it.
Hi Josh, I'm considering the final step in your helpful video. Do you know how many keys I can program for the Google Advanced Security Plan? When I went to sign up, it seemed to default to two, however I have more. Thanks for advising.
Would you update his video? Does YubiKey not work with Google? At this point - two years from the making of this video - is it a problem to use a phone number and fingerprint for 2FA-can they be stolen? Please make an updated video on security at home for non-IT people.***I don’t want to hear from IT folks who fear monger or go on rants** I would like an updated video from the person who made it. ❤
Yeah but my mom was Grace just 4 more houses away! Im going to eonder if you knew that before I did because I'm new to this. Do you try to make a courtesy call to fix what you did wrong where driving Japan into it?
I'm too worried about a hardware failure of a key, to entrust everything to it. If it fails, just like some USB memory sticks rarely but sometimes fail, I'm screwed.
Yeah, and now that I watched it I'm getting dozens more suggested videos about how we're all gonna get hacked unless we use Yubikeys. Yubikey affiliate channels must be the latest money-making scheme.
I don't agree that 2FA makes your email more secure. In fact, all they have to do is get your phones IM number and use your phone to access email. If it's on your phone.
What if you connect your pc (with non-essential data) to a public wifi but hotshot to your phone. Will you still be vulnerable to hack attacks on you data from your phones?
i got my facebook account fully locked out from me by the person who stole it and my youtube and insta were banned bc of the person and i have 2 strikes for videos i never posted my self and my insta is perm banned so secure your accounts guys
Correct. RIGHT NOW!!! We all never should have opened accounts on evil platforms in the first place, but that's a longer fix and you'll have to look that up elsewhere. (Find an explanation of this sentence, and learn about who said it: {To understand the concept, you should think of “free” as in “free speech,” not as in “free beer.”} Your treasure hunt begins right after you make the stopgap temporary fix from this video.)
You can see my full setup video here: ua-cam.com/video/fzUVrz0ixn8/v-deo.html As for backups, and I think I reference this in the video linked above, I recommend setting up your backup key at the same time you setup your primary, and then putting that backup key in a different, secure location.
I opened an email of a trusted friend. I was a docusign that required me to input my email and cellphone number as password. I thought twice, but did it anyway. Once It opened, I quickly realized that she was hacked. I called her to confirm. What should I do now???
Hey there..thanks for the vid. Just want to ask how can I cancel my storage. I couldn't access my account anymore. Even phone verifications and alternate emails dont work. I don't want google to kwep on charging me. Thanks so much.
I'm just extremely concerned as to what it says in the DUO description regarding security, it actually says in clear text that users that use DUO have ZERO TRUST!? That seems a little bit concerning if you ask me which I'm going to bet you definitely won't be, but it all seems very fishy to me, punn intended.
My email and UA-cam has been hacked for far too long. My Yubikey stopped working. Do they die after a few years? I have the Titan key which works the best. I was wondering if my keys went dead or if they got hacked. Do you have any idea? I keep getting the error message that you have tried to log in too many times only after touching it once. That is so weird to me. Do you know?
Thank you very informative. I already have 2 step verification enabled and a strong password so I'm good right. Can I still get hacked with that. And how do you know if your account is hacked And even though I have 2 step verification on I don't receive codes when logging in. I should right. I also have backup codes
@@AllThingsSecuredThat's usable. Thanks. I also bought 1Password after seeing another one of your reviews. I only wish that a zero trust vpn vendor would allow it as an option. I don't want to mess with multiple authenticators.
Im sure its an amazing product, but how does one use this when signing in from their smart phone/ device that doesnt have a port to insert your tool? Alot of people today dont use desktop/laptop and only use their phone. If this isnt available for phones, thats a big percentage of the population being remived from this
Using 2 factor authentication is probably the best option for ordinary users. Remember, if you use a smartphone, please do this first before you switch to it & or have a new number. Change this before you switch to the newer number & get a codd sent to this or your email, if its easier. You could get locked out & if your partner is happy to use theirs as a back up, the choice to 2 FA will pop up on the screen. It'll be a nightmare otherwise, because it happened to me & my back ups weren't current... 😮
I am getting confused. I just turned off Google's 2fa based on what I thought was your advice on another one of your videos, and now this video says to turn Google 2fa on! Am I misunderstanding? Could you please clear this up for me? Also, when I am ready to buy these keys, I want to use the site that gives you a commission, but the site below doesn't say that. Where should I go?
Lots of XYZ-ers here helped by this because they already posess the required degree of proficiency. All greek to me, and will be to most elders. Probably time to unplug. Sorry to be cranky but completely overwhelmed by flying images, galloping speech, and internet jargon. Slowing it way down helped a little. On the bright side...thank you for no background music.😘
You also have to be critical, not only to negative way like thinking "this guy selling products, we have to be careful with anything he said", but also to positive way, because all he was saying was logic in my opinion, you can also double check to other creator, someone who just bought it, or simply neutral AI like ChatGPT, personally I don't have yubi-key yet, but doesn't mean whoever bought it cannot give it's own opinion.
Step one - pick an impossible-to-remember password that you won't forget... Different from all the other impossible-to-remember passwords. And don't trust the browser's "remember me" prompt - because they DON'T...
Hi, question I sometimes find clients emails placed in filters or spam even I didn't check the spam box. Somehow they just land there. Super annoying. I also use a crm so maybe that's what's sending stuff there? I'm thinking of switching to Proton mail but I use surfshark so not sure if it's compatible.
I was thinking of buying yubikey but I know myself too well and I was thinking about either I hiding it too well in my house so I can't find it back or keep one close to wear I need it and then it get's stolen and used on my device. I have all my devices password and fingerprint protected and use strong passwords and authenticator apps. I still somehow think yubikey may be at some point the weakest link by either someone gaining access although the chances are really slim or I lose the yubikey or it goes defect from wear and tear.
To be honest its the best thing that has happened to me this week tbh I never taught of having my account back. but lucky me got recommended to *PRESTINCODDING* who helped get the account back....
i've recently been attacked by who knows who in the online world, and have been getting emails about suspicious people trying to sign in, or successfully signing into my accounts. i've had to outright shut down two accounts on different websites, and am going full blown max security on everything. its been annoying to deal with this new security stuff, but i feel safer and less vulnerable.
It's the hackers in the Google cloud.
@@JenniferIsselPhilly Don't back ANYTHING to a server that you do not control. Google, Micropuke, Apple, Yahoo, doesn't matter. You want YOUR data to remain under only YOUR control. Unfortunately most of John Q do not possess backup skills because they have no way of retaining reliable back up data.
Ditto that’s why I’m here to learn what to do.
2FA is vulnerable and this method give information to Google regarding your other devices; which it will now tie into its analysis of who and where you are, where you go, who you know, and all other issues Google should not be monitoring
Thank you. It had to be said.
What’s the best alternative?
I think that risks to privacy are something different than risks of account takeover. By using Firefox, you get a prompt that says "[service provider] is requesting extended information about your security key, which may effect your privacy. Firefox can anonymize this for you, but the website might decline this key."
This can help mitigate leaking the certificate serial number in the metadata, IIRC.
By using a security key you also practically eliminate the phishing risks. This is because the cryptographic response generated by the security key is only valid for the original domain associated with the account.
I don’t trust Google with my privacy, and definitely not with my emails. I have one anonymous Google account just for my UA-cam, and a totally different anonymous account for Google maps, that’s it.
Great channel by the way 👍🏼
that's the most intelligent thing i've heard in the last 7 minutes and 22 seconds
How did you get around the age restrictions on Google account if you haven't confirmed age through a card purchase etc please?....been limited to under 13 vids on UA-cam because I won't provide a card to confirm ID?...have you had this issue too?😊
@@kittin9018 create a google account with an appropriate age. if it's mandatory due to the country you live in spoof your location with a VPN or TOR. the verify with card mechanism only serves to connect yet another unique identifier to your on-line fingerprint. google couldn't care less about your kids, but if they don't separate them, they can't use watch and search data to focus advertising, because that is illegal to do to children in most countries.
I just don't include any info on my cell regarding my economy and documents at all!
Yes don't trust Google. They messed up our network here and we were robbed.
I have tried it too. To be locked out is a PITA. So now I use a strong PW and 2FA. It's essential with a Google account. Thanks.
They change the passwords and hack your email.
2FA does NOT increase your safety.... he's spreading MISINFORMATION!
Hey bud great video, thank you for the tips. I'll give you a tip in return. The mic you are using is meant to have the audio come in the front, not the top. So you would want to flip the mic up and speak into the front of the mic. Just make sure you are speaking into the front and not the back. Your audio will improve GREATLY if you do that. I'm a professional audio engineer so recording and mixing is my profession! Anyway, just a friendly tip. Thanks again for the video!
You forgot to mention the pop screen. I thought my windows were gonna fall out.
@@McMillanScottish 🤣 Yes, a pop filter would certainly help too. The plosives were pretty bad in some spots.
Just to point out. I had zero issues with the audio in this video. Found absolutely no issue hearing/understanding everything he said.
I think tips are fine. Just wanted to point out the quality was great 👍
@@tnekkralc8080 Noone is saying it wasn't.
The audio quality is not great. Maybe to you, it sounds ok. There is nothing wrong with the audio the way it is tho. Never said there was. Did you even read the comment? I didn't criticize the man! I gave him a professional sound tip just like he is giving up professional tips. I was returning the favor. No one said anything like that. 🤦🏻♂
@@matt_nyc_audioengineer Okay. Thanks. You (and the other guy) heard things that I didn't hear. Not sure if you had your volume on blast or what. LoL.
Great tips. Just try not to get offended when others leave feedback, TOO. LoL
I was already doing all this but it never hurts to revisit things just to stay current on security. Great video -- short, concise, clear and good visual examples provided. No fluff, no crap, just solid information that everyone should know.
Just one thing ... follow Matthew Kutoloski's advice on your mic. Some people watch YT videos on their phones, some of us use much more complicated equipment. I'm one of the latter.
hey! really good and educational video! incredibly useful for anyone. one crucial thing though; don't use your mobile phone number for 2FA or as a recovery method in general! whatever you do, don't do it! don't use your phone number as a recovery method anywhere on any platform at all! it allows for "sim-swapping" attacks to take place and be used to gain access to everything you use your phone number for.
keep this in mind wherever you sign up! you should make a video about this and "sim-swapping" in general. ❤️
So want you are saying is use another sim. Which is only used for 2fa and nothing else?
@@RayMondElecNo. NEVER use sms as a two factor authentication option
@@RayMondElecno because that Sim can still be Sim swapped.
I am dealing with this now.
I'm sorry I don't see the link for the 2fa keys?
I recently found you channel and glad that I have. You have the ability to make sense from a basic user to an advance user.
Fantastic!! A 2FA key is what I need. I was thinking that today. I forgot my password to my Nordpass. What a headache. Still waiting for them to contact me. Good thing I have biometrics on the phone. I've been wishing I had one on my laptop.😁
Thanks!
Thanks for the support!!
Thank you for listening about the scammers
Thanks for watching and commenting.
I like your security advice. In fact I think you're one of the best guys on here. You give practical advise with out going over the top.
Fudge. All new new info for me. Thanks for the info.
Thank You. I have made my way to my account's security page in the past. The video was a good reminder to do so again.
A good first step.
Great! Glad it was helpful.
Happy that I watched this video. Have long had my Yubikey and would never give them up.
A good video. Too many people have insecure Gmail accounts. I personally don't use Gmail. I was forced to use one for UA-cam way back to comment on UA-cam but if I could remove the connection to my hotmail account I would.
I have 2 email accounts for the Tube. They are never used for anything else. Only sent mail to them on the first day each was created. No traffic to search.
Thank you Josh for all your content. It's made me see much of what I need to better protect including my Gmail. Much appreciated.
My pleasure, Tim! Thanks for watching and commenting.
Change your GOVERMENT NAME TO A BOGUES AND FOR IMPORTANT ISSUES USE 10MIN EMAIL
Thanks! I've been thinking about a 2FA physical key, and this has solidified my intent! Quick question, can one buy a fancy fingerprint 2Fa key as primary device and then use a cheaper device with fewer features as a backup? Also, must the 2 devices be from the same mfgr?
I need this because my parents are childish and "never wrong"
what you say is slick for an old man like myself.
how do I know what you say is legitimate and you are not selling a service which will go away
We all have seen apps come and go away
I Always appreciate the easy to follow format & encouraging tone of your demeanor🙏🏾
If you were my teacher when I went to IT school, l would've actually learned something and had a career instead of getting jerked around for over 2ys!🤷🏾♂️🤦🏾♂️
The school wanted my program's money much more than they wanted to teach me😒🤑
Thanks for the kind words!
I concur with this comment 🙃
@@AllThingsSecured is the spring merch shopping for youtube having access to google account safe?
Having 3rd party access
Thank you very much for all this very helpful , informative and great information.Your amazing. Thank you.
Today randomly clicked on locate my device.when opened realized there three other phones and tablets which I never owned...
spooky...
1/21/2024 It looked like Google does not offer 2FA via an authenticator app as it only showed [text message, security key, other device prompt] as choices, but after setting "other device prompt" it let me do text message as a secondary backup and then gave authenticator app (they wanted it to be their own but Authy worked) as another secondary verification. Don't know why they don't give it as one of the initial choices.
Great information! I understand that these measures help secure my data from 3rd party access, but my only question is, do these steps prevent Google from accessing or using my information? I doubt it, yet they are arguably one of the most egregious offenders of data privacy.
No, Google still stores your data on their servers, even with 2FA. That's a separate issue altogether.
Hey guys, one great way to support this channel (and improve your own security) is to grab a 2FA key from Yubico, the sponsor of this video. Find the right key for you: geni.us/yubico-store
I have 3 yubikeys. I could tell you my google account password and you still couldn't break in to it.
What do you do about wear and tear on the yubikey? If I kept it on my key chain, I’d image a year later it would fall apart or be gross. You should make a video on tips for transporting your yubikey on the go.
Interesting idea! I've had mine on my keychain for a couple years now and haven't had any problems. But again, I think that speaks to the importance of having a backup that ISN'T kept in your pocket and scratched up all the time :)
I was concerned about the same issue - I use a "Cozy" USB-A cap > both it & the Yubikey are attached to the same small metal ring and the Cozy is flexible, fits snug on the male USB-A tab. So far, works great.
After losing access to my gmail account in 2018, I knew I had to move to 2FA. I tried sending a physical letter to Google telling them what happened (and that the automated system refused to recognize me for some reason), but never received a reply from them. I lost 13 YEARS worth of email, and unfortunately, a link to someone close to me. (This also made me realize I need a minimum of TWO ways to contact people I care about, and not just via email.)
Tough way to be forced into using 2FA, but now it seems every service is using it anyway.
Never trust these bastards. Never. And never follow their security advice. Ditch them and move on as they've already screwed you once.
The people at google have their noses in the air and just don't care about common people anymore...they're elites....now.
For proton mail. Theres change about their privacy and policy. What do you think about it ?
I'm still using them because of the zero-knowledge structure of the data, but as with all things, it's a personal decision.
Using a 2FA key gives google more info about you your finger print. Just what I want to do is give google more info about me? Not happening!
Nice ad for the keys. You didn't explain how you would regain access if you lost the key? 🤷♂
thanks for the info could you tell me what is the difference between 2FA key and USB-C
Two different things. A 2FA key can be USB-A, USB-C or even Lightning (iPhone). It’s just the type of connection.
How much did you pay for your yubikey?
How much is the actual cost? Thank you
Yubikeys cost anywhere from $25 (Security Key Series) to about $50 (5 Series).
What's the best security anti software / mal ware for Android. Thanks. Also why yubikey over Google key
what is the difference among these different Yubicos ? NFC and CNFc Yubico, 5cNFC
Your content is simply amazing. I would just want to ask you that is there any contacts app or something like that where we can sync and store our contacts on any cloud or something as currently we save our contacts on google which immediately syncs it to all devices. This would be a great work around to de-google ourselves.
You can do that with Proton. They offer a great suite of services to replace Google, including both email and contacts (which sync between devices).
Is Yubico Yubikey the same brand, and how durable are these? Does a little dirt or dropping them on counter cause any issues?
Same brand and absolutely durable.
Is it slightly better to use ProtonMail vs Google or Outlook, or heck of a lot better?
Seems like Google prompt will be alwasy the default even if you enable 2FA with authenticator app. Any workaround?
Josh,
My partner lives on her iphone and she refuses to use a password manager or any 2FA her reason is she doesn't want to complicate her life. Is there anything that can protect her phone but yet be simple. I believe she feels that there is no need for all this protection as it just complicates your life. She has access to one of my accounts and I had to change the password to something simple so she could remember it. Thanks for your help
Jessica
Apparently Josh does not talk to lesbians -
He did mention a key..
Can you talk about the yubikey primary and backup? Is it just two yubikeys set up independently or do. you do something to copy the contents of the primary onto the backup? I like the idea of yubikey but am afraid of losing it.
Well done states David Snell.
Great info.
Hi Josh, I'm considering the final step in your helpful video. Do you know how many keys I can program for the Google Advanced Security Plan?
When I went to sign up, it seemed to default to two, however I have more. Thanks for advising.
Thank you josh
You sent this video on gmail 😅
My pleasure, Muthu.
@@AllThingsSecured 🥰
Yes they got my information and using it
Appreciate for ur hard working, can you plz tell me if it's risk to use enhanced safe browsing for my security chrome.
Would you update his video? Does YubiKey not work with Google? At this point - two years from the making of this video - is it a problem to use a phone number and fingerprint for 2FA-can they be stolen? Please make an updated video on security at home for non-IT people.***I don’t want to hear from IT folks who fear monger or go on rants** I would like an updated video from the person who made it. ❤
Yeah but my mom was Grace just 4 more houses away! Im going to eonder if you knew that before I did because I'm new to this. Do you try to make a courtesy call to fix what you did wrong where driving Japan into it?
I'm too worried about a hardware failure of a key, to entrust everything to it.
If it fails, just like some USB memory sticks rarely but sometimes fail, I'm screwed.
Hey, a YubiKey ad disguised as a security video.
Very thinly disguised. Holy crap!
Yeah, and now that I watched it I'm getting dozens more suggested videos about how we're all gonna get hacked unless we use Yubikeys. Yubikey affiliate channels must be the latest money-making scheme.
@@LAHarder7 me too. The price of living by the algorithm.
I really like how you explain your topics, other youtubers tend to be paranoid
Really appreciate that, Marco. I hope you stick around.
Great video, make next one about outlook emails security improvements please :)
Thanks for the suggestion!
great service video. Do these keys work with Thunderbird? It is my preferred email client.
Thank you Sir 🙏
I got hacked yesterday and miracuolously got my account back and I'm making sure it doesn't happen again.
I sincerely love your channel
Thanks so much!
I don't agree that 2FA makes your email more secure. In fact, all they have to do is get your phones IM number and use your phone to access email. If it's on your phone.
Hello all things thank you for this information because I get hacked all the time which one of the 2FA Do you recommend on Amazon thank you in advance
you can enable 2FA with key but you still seem to be able to get authenticated by other methods like SMS - so what's the use of having it?
Thank you. Question. How secure is the Norton VPN? How protected is my computer? Can anyone hack into my computer using the NORTON VPN?
Everything is unsafe.
What if you connect your pc (with non-essential data) to a public wifi but hotshot to your phone. Will you still be vulnerable to hack attacks on you data from your phones?
Thanks a million for this info!! ❤❤❤
i can confirm that it takes a shit ton of annoyance to get your account back
i got my facebook account fully locked out from me by the person who stole it and my youtube and insta were banned bc of the person and i have 2 strikes for videos i never posted my self and my insta is perm banned so secure your accounts guys
I just purchased 2 new USB-C/NFC Titan security keys. Do you have a video showing recommended setup using these keys?
Here’s what I’ve done: ua-cam.com/video/fzUVrz0ixn8/v-deo.html
@@AllThingsSecured looking for a specific video on the Google Titan keys.
Correct. RIGHT NOW!!! We all never should have opened accounts on evil platforms in the first place, but that's a longer fix and you'll have to look that up elsewhere. (Find an explanation of this sentence, and learn about who said it: {To understand the concept, you should think of “free” as in “free speech,” not as in “free beer.”} Your treasure hunt begins right after you make the stopgap temporary fix from this video.)
Mate : show us how to use Yubico keys to generate passwords please . Also how do we make a backup of the keys? I think you made a video about it …?
You can see my full setup video here: ua-cam.com/video/fzUVrz0ixn8/v-deo.html
As for backups, and I think I reference this in the video linked above, I recommend setting up your backup key at the same time you setup your primary, and then putting that backup key in a different, secure location.
@@AllThingsSecured cheers !!
Thanks I use two factor on all my accounts and I constantly changing security updates every 5-6 months and I use a password manager
I opened an email of a trusted friend. I was a docusign that required me to input my email and cellphone number as password. I thought twice, but did it anyway. Once It opened, I quickly realized that she was hacked. I called her to confirm. What should I do now???
Just ordered my YubiKey 5 for my Google 2AF
Awesome! Glad to hear it Erick.
What about facial recognition? Thank you.🙏
Hey there..thanks for the vid. Just want to ask how can I cancel my storage. I couldn't access my account anymore. Even phone verifications and alternate emails dont work. I don't want google to kwep on charging me. Thanks so much.
Thanks very clear and precise
Glad it was helpful!
I'm just extremely concerned as to what it says in the DUO description regarding security, it actually says in clear text that users that use DUO have ZERO TRUST!? That seems a little bit concerning if you ask me which I'm going to bet you definitely won't be, but it all seems very fishy to me, punn intended.
Brother once I put yubi... All bad email stop.. wow good
Very informative and helpful video. Thank you. 👍
All they have to do is use the built-in security on the phone itself. Like the fingerprint reader.
My email and UA-cam has been hacked for far too long. My Yubikey stopped working. Do they die after a few years? I have the Titan key which works the best. I was wondering if my keys went dead or if they got hacked. Do you have any idea? I keep getting the error message that you have tried to log in too many times only after touching it once. That is so weird to me. Do you know?
Awesome vid! I was going to buy the Yubikeys but the coupon is no longer valid 😞
Thank you very informative. I already have 2 step verification enabled and a strong password so I'm good right. Can I still get hacked with that. And how do you know if your account is hacked
And even though I have 2 step verification on I don't receive codes when logging in. I should right. I also have backup codes
How does 2FA work with normal email clients such as Thunderbird? I'm not going to take in an SMS code or scan my finger every 5 minutes.
Once you "authenticate" a device, you usually don't need to use 2FA again unless something happens to the account.
@@AllThingsSecuredThat's usable. Thanks. I also bought 1Password after seeing another one of your reviews. I only wish that a zero trust vpn vendor would allow it as an option. I don't want to mess with multiple authenticators.
Useful information
Great Information i will check this out Thank You.
Glad it was helpful, Jay.
Im sure its an amazing product, but how does one use this when signing in from their smart phone/ device that doesnt have a port to insert your tool?
Alot of people today dont use desktop/laptop and only use their phone.
If this isnt available for phones, thats a big percentage of the population being remived from this
My question too! Sorry to see he didn't answer you. Have you been able to find an answer?
Thank you so much ❤
You're welcome 😊
Using 2 factor authentication is probably the best option for ordinary users. Remember, if you use a smartphone, please do this first before you switch to it & or have a new number. Change this before you switch to the newer number & get a codd sent to this or your email, if its easier. You could get locked out & if your partner is happy to use theirs as a back up, the choice to 2 FA will pop up on the screen. It'll be a nightmare otherwise, because it happened to me & my back ups weren't current... 😮
Thank you .
Really helpful and well explained - thanks
I am getting confused. I just turned off Google's 2fa based on what I thought was your advice on another one of your videos, and now this video says to turn Google 2fa on! Am I misunderstanding? Could you please clear this up for me? Also, when I am ready to buy these keys, I want to use the site that gives you a commission, but the site below doesn't say that. Where should I go?
Lots of XYZ-ers here helped by this because they already posess the required degree of proficiency. All greek to me, and will be to most elders. Probably time to unplug. Sorry to be cranky but completely overwhelmed by flying images, galloping speech, and internet jargon. Slowing it way down helped a little. On the bright side...thank you for no background music.😘
I still dont get the FIDO thing on the yubi key set up. so confusing.
thanks
If you take away only one thing from this video I want it to be this: do not believe the advice of people who sell or promote products.
You also have to be critical, not only to negative way like thinking "this guy selling products, we have to be careful with anything he said", but also to positive way, because all he was saying was logic in my opinion, you can also double check to other creator, someone who just bought it, or simply neutral AI like ChatGPT, personally I don't have yubi-key yet, but doesn't mean whoever bought it cannot give it's own opinion.
Step one - pick an impossible-to-remember password that you won't forget... Different from all the other impossible-to-remember passwords. And don't trust the browser's "remember me" prompt - because they DON'T...
If you don't use it regularly you will forget.
Hi, question I sometimes find clients emails placed in filters or spam even I didn't check the spam box. Somehow they just land there. Super annoying. I also use a crm so maybe that's what's sending stuff there? I'm thinking of switching to Proton mail but I use surfshark so not sure if it's compatible.
I was thinking of buying yubikey but I know myself too well and I was thinking about either I hiding it too well in my house so I can't find it back or keep one close to wear I need it and then it get's stolen and used on my device. I have all my devices password and fingerprint protected and use strong passwords and authenticator apps. I still somehow think yubikey may be at some point the weakest link by either someone gaining access although the chances are really slim or I lose the yubikey or it goes defect from wear and tear.
Can google extentions get in your account using cookies? And if so are they able to reach anything valuable
To be honest its the best thing that has happened to me this week tbh I never taught of having my account back. but lucky me got recommended to *PRESTINCODDING* who helped get the account back....
Just create a temporary account and and send *PRESTINCODDING* a message request to help you ..Good luck❤️✅
I know that 2 factor authentication is enough but i have problem with spam email has red lock at the top sending everyday
I can feel your pain Geoff
I coudnt add my contact nu for any waire.2 step verification or send alart msgs.yellow colour sheild mark display.plz help
T thank you for this video very helpful 👍
That Voice