How Security Keys work (2FA explained!)

Поділитися
Вставка
  • Опубліковано 9 чер 2024
  • Out now NBTV’s new Ebook - Beginner’s Introduction to Privacy - available at:
    amzn.to/3hCGEmk
    For most people, a weak password is all that’s standing between your digital life and a hacker, and if that password is ever cracked, or leaked, you’re in big trouble.
    Security keys are one of the best ways to protect your accounts. They’re incredibly convenient, easy to use, and provide the best kind of multi-factor authentication. In this video we’re going to explain how security keys work, and show you how to choose one that’s right for you.
    We dive specifically into Yubico "Yubikeys" and other products in this video, and will look at open source alternatives in future videos!
    00:00 Intro
    00:33 2FA and Multifactor Authentication
    03:13 TOTP and Authenticator Apps
    05:38 What is a Security Key
    09:03 How To Use a Security Key
    10:18 Understanding Security Key 2FA
    12:04 Security Key Models
    15:18 Important Tips
    17:04 If Security Keys Are Not Accepted
    18:10 Outro
    More and more websites support security key 2fa. If you want the best chance of fighting off phishing attacks, you absolutely need one of these protecting your accounts.
    Brought to you by NBTV members: Lee Rennie, Reuben Yap, Sam Ettaro, Will Sandoval, and Naomi Brockwell.
    To support NBTV, visit www.nbtv.media/support
    (tax-deductible in the US)
    Sign up for the free CryptoBeat newsletter here:
    cryptobeat.substack.com/
    Beware of scammers, I will never give you a phone number or reach out to you with investment advice. I do not give investment advice.
    Visit the NBTV website:
    nbtv.media
    Watch this video on Odysee!
    open.lbry.com/@NaomiBrockwell...
    ________________________________________________________________________
    Here are a bunch of products I like and use. Using these links helps support the channel and future videos!
    Recommended Books:
    Permanent Record - Edward Snowden
    amzn.to/305negc
    No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State - Glenn Greenwald
    amzn.to/2UQmJ4m
    What has the government done to our money - Rothbard
    amzn.to/2KMzmcu
    Extreme Privacy - Michael Bazzel (The best privacy book I've ever read)
    amzn.to/3BLZ1gq
    Naomi's Privacy Bag: some of my favorite products to help protect your privacy!
    Use the Brave browser! brave.com/nao076
    USB-C to ethernet adapter:
    amzn.to/2lOVBoy
    Faraday bag (signal stopping, to protect your fob, credit card, computer, and phone)
    amzn.to/3DjIvCP
    Data Blocker (if you're charging your phone in an unknown port, use this so that no data is transferred)
    amzn.to/2SVh0J2
    Computer privacy screen (use your computer in public? Keep your information safe! Choose the size right for your computer)
    amzn.to/3F816Sn
    Phone privacy screen (don't let people in public see your private data, choose the size for your phone)
    amzn.to/3wNtYwb
    Camera cover (for computers and phones, so no one can access your camera without you knowing)
    amzn.to/2Mt7Hic
    Privacy Tip: Turn off your wifi and bluetooth when you're not using them!!!
  • Наука та технологія

КОМЕНТАРІ • 346

  • @outbackeddie
    @outbackeddie Рік тому +22

    I'm glad you focused on just one product. I'm "technologically challenged" and information overload is a real problem for me.

  • @suicidalpig2792
    @suicidalpig2792 Рік тому +37

    Great content as always Naomi.
    It's a fantastic service you are providing explaining how to secure our online transactions & keep our information safe.
    Please keep up the great work you do 😊
    Greg

  • @openeroftheway8596
    @openeroftheway8596 Рік тому +19

    Public key security is awesome. Phil Zimmermann and others changed the world. God bless them. God bless you and your team, Naomi. You bring good knowledge to many seekers. Thank you.

    • @vacsimile
      @vacsimile Рік тому +2

      Agreed, public key cryptography is amazing. Phil Zimmerman is a hero.

  • @CCalquemist
    @CCalquemist Рік тому +3

    This channel is a blessing. Your videos are amazing! ♥️♥️✨

  • @jbrock8596
    @jbrock8596 Рік тому +27

    I appreciate this video about security keys, you made it seem very simple. I think I am finally convinced to take the plunge, although password managers and security keys seem harder to implement when families are involved with shared passwords and access like they are in my household. I guess that sharing just makes the security more important, but it requires changing some habits as well as adding some new technology like security keys.

    • @NaomiBrockwellTV
      @NaomiBrockwellTV  Рік тому +10

      Oh passwords managers make it even easier for families because you can share passwords super easily!

  • @johnc202
    @johnc202 Рік тому +1

    Great video Naomi, Yubico, what a great explanation......Thank you!!

  • @martinwalker3088
    @martinwalker3088 Рік тому +4

    Another great video to get my head around. Thank you Naomi

  • @kevinfranco5449
    @kevinfranco5449 Рік тому +5

    That's only one thing I can say about this video, AMAZING, I have never thought about security on that way, it's shocking when you realize that you're unprotected

  • @antonygoedhals6272
    @antonygoedhals6272 Рік тому +1

    Great video! Thanks to you and Yubico.

  • @barriewright2857
    @barriewright2857 Рік тому +2

    Brilliant so much information but very useful and helpful, thank you.

  • @edmundpotrzeba8455
    @edmundpotrzeba8455 Рік тому

    Loved you honest and easy to follow video , thank you ❤️

  • @reikhard
    @reikhard Рік тому +1

    You are the BEST Naomi !!!

  • @chadboga1784
    @chadboga1784 Рік тому +2

    Great explanation Naomi!!

  • @frodev728
    @frodev728 2 місяці тому +1

    Naomi! I love your videos on security issues, always well researched and clearly presented. I’m hoping you will do an in depth video on PASSKEYS soon!?!? any clues as to when we can expect this?
    🙏

  • @BUBBLETEABOY
    @BUBBLETEABOY Рік тому

    I been using them for years love these keys, btw love love your channel.

  • @robertmonaghan5420
    @robertmonaghan5420 6 місяців тому

    Naomi Is Awesome! Thanks for The Insights and Tips. I've learned A Lot watching Your Videos. Thanks

  • @wingandhog
    @wingandhog Рік тому +7

    I have thought about this level of security for quite some time. After this review, I think it’s an important addon to consider. I think I will order a Yubi

  • @bcadams75
    @bcadams75 Рік тому

    Excellent breakdown of security keys

  • @ronm6585
    @ronm6585 Рік тому +1

    Great info. Thank you Naomi.

  • @thesingularity1010
    @thesingularity1010 Рік тому +1

    Thanks Naomi. Looking forward to your open source comparisons and options. Assuming Nitrokey and hopefully soon Mullvad.

  • @iMontemo
    @iMontemo Рік тому +2

    Great video. Thank you!!

  • @ldc1963
    @ldc1963 11 місяців тому +1

    Great video, lots of useful stuff, thanks

  • @natemarx4999
    @natemarx4999 Рік тому +12

    Naomi represents greatness.

  • @brucesyvertsen2147
    @brucesyvertsen2147 Рік тому +1

    Excellent information!

  • @John-oz1do
    @John-oz1do Рік тому +1

    Very informative, thank you

  • @evtyler
    @evtyler Рік тому +1

    Great video!

  • @Steven_nevetS
    @Steven_nevetS Рік тому

    Very very useful info Naomi. Thank you. I think losing these keys are going to be a problem....

  • @gerry2345
    @gerry2345 Рік тому +1

    I like this vid. Good insight.

  • @Deleurme
    @Deleurme Рік тому +1

    Hello. I go through google translate (sorry, I'm French): Thank you for your video which is very instructive. You demystify computer security.

  • @tyrojames9937
    @tyrojames9937 Рік тому +1

    GREAT INFORMATION!👔😀

  • @buckleymordecai9605
    @buckleymordecai9605 Рік тому +1

    SOOOOO helpful!

  • @nilesalih1740
    @nilesalih1740 Рік тому +1

    It's the best 👌 thanks alot

  • @you3d
    @you3d Рік тому +14

    What happens when the security key malfunctions? To fix this two or more security keys should be made registered where either one of them can be used to unlock the user from the mess.

    • @TMOC1977
      @TMOC1977 Рік тому +4

      I was also worried about this... What if I loose it, or it is damaged... Will I be locked out of my accounts?
      Naomi didn't mention if there was a seed phrase or something similar to use to recover if those scenarios happen.

    • @Chipchap-xu6pk
      @Chipchap-xu6pk Рік тому +6

      That's why they said to get multiple keys. Having a seed phrase somewhere is a risk. If one key breaks or gets lost, you can use the other. If you register multiple keys to an account, you can use any of them to access it.

    • @firalia
      @firalia Рік тому +1

      @@TMOC1977 That's why she said you need to get a minimum of 2 keys

  • @horsethief1472
    @horsethief1472 Рік тому +3

    Thank you sooooo much for doing this video! I use 2FA on my of my accounts but my old email was hacked recently, and it was devastating. I saw this security key option on some accounts, but it was very confusing. I will be ordering one of these options directly from the supplier tonight. Thank you again for helping to keep us safe.

    • @NaomiBrockwellTV
      @NaomiBrockwellTV  Рік тому

      💛

    • @edwardmacnab354
      @edwardmacnab354 Рік тому

      my bank has rescinded email and landline options for receiving verification codes and will do so only on smartphones

    • @Itsme-vo4fx
      @Itsme-vo4fx Рік тому +3

      @@edwardmacnab354 : The problem with have a code sent to a smart phone is, if I am outside my home country I don’t use my phone because of the high roaming cost.
      I once had to open my phone, in a different country, and after being closed for a month I received hundreds of emails and notices that were “parked” because the phone was closed. It cost me a fortune just to use my phone for five minutes. With email, I can use WiFi on my iPad to receive the authorization code without any cost. Using your cell phone is fine if you are within your provider’s territory.

    • @edwardmacnab354
      @edwardmacnab354 Рік тому

      @@Itsme-vo4fx I have two situations where my bank AND microsoft on windows 11 will not allow email or landline but only text and I do not have a mobile device that receives text. I have a landline that does not do text . Also, thanks for the heads up on that "parked" dam burst overcharge situation . with the backed up email . Terrible !

  • @chillsmeit
    @chillsmeit Рік тому +1

    When you talked about TOTP you could have referred Aegis OTP android app, It's Foss! Great work regardless!

  • @jwillisbarrie
    @jwillisbarrie Рік тому +2

    Thanks for adding actual captions for the Deaf

  • @davidyorkmunster9745
    @davidyorkmunster9745 Рік тому +2

    I allways wanted to get a Key, but was overwhelmed by all the information, thanks for clearing this very important topic for nubs like me greeings form Switzerland

  • @ericae9007
    @ericae9007 Рік тому +2

    Thanks for your expert research and information! ❤

  • @loneranger5928
    @loneranger5928 Рік тому +4

    Nice content👍👍 can you secure a computer or mobile device operating system with a yubico key

  • @KennyChong
    @KennyChong Рік тому +5

    Excellent video and couldn't have come at a better time as I've just received a set of security keys but have not set them up yet.
    I have read online of people using the same code to register their main as well as backup keys while in the video, the backup key is registered with a different code from the main key. Maybe seasoned security key users here might be able to comment on which method is better? Or maybe it doesn't make a difference?

  • @LennyinFlorida
    @LennyinFlorida Рік тому +1

    Thanks

  • @hamad7
    @hamad7 Рік тому +2

    What's UA-cam doing not recommending this channel all those years?

  • @matt_kelly
    @matt_kelly Рік тому

    I have a variety of devices on several platforms and the one that makes me hesitant about the YubiKey is the support for USB-C iPads isn't great. It's an Apple problem, not a Yubico problem, but still something to consider.

  • @igorangelievish8111
    @igorangelievish8111 Рік тому

    Hi Naomi, best 2fa for iPhone, many options, don’t know how to choose. I’m little slow😂😂😂😂thank you

  • @dorkusmaximus3033
    @dorkusmaximus3033 4 місяці тому +1

    Thanks!

  • @RagnarRipper
    @RagnarRipper Рік тому

    PIV is definitely my favorite way to authenticate...
    And I'll see myself out now.

  • @videocruzer
    @videocruzer Рік тому +1

    I too was also a Contractor for many years in the communications industry.
    I literally got to install the very first real time Packet Sniffing Server on the West Coast of Canada Friday the 8th 2001. At that time the Co that i worked for handled about 99% of the Data on and off Vancouver Island British Columbia Canada.
    The Black box was mandated to be installed in every head end in Canada that sold the internet or lose the ability to sell the internet. Mandated by the CRTC just before 911. Funny part of that story i helped install that Black box Friday and then Tuesday this group of people flew planes into building and life changed for everyone almost instantly. Pretty funny story when only a couple of us new that 1/2 mill box was sitting in our head end. The going joke back then when someone was standing next to it.. We would mutter.. That's one hell of a Black Box.
    As of late we have been told that the federal police in Canada's Communications network is now compromised by overseas Countries, last week we were told that all Video surveillance security devices in North America also compromised. My bet is not one chip shipped in the last 50 years would not pass the new inspection process. Pretty funny story Bro.

  • @M167A1
    @M167A1 Рік тому +5

    Great idea, too much trouble, all my users forget or lose their keys unless you tie it to them.

  • @capnmark4
    @capnmark4 Рік тому +3

    Thanks...I got a Yubikey a couple of years ago and it wound up being more of a pain than anything else. Not really the key's fault but the number of websites that didn't support 2FA via a security key. Most of them did support one or more authenticator apps so that is the way I've gone when I could and SMS when that is the only thing available. Now If I could just get the rest of them to move away from re-Captcha

    • @firalia
      @firalia Рік тому +1

      Yubikey 5 supports TOTP, which are the authenticator app codes. You can use it those as long as you have the Yubico app that supports them.
      That being said, I still think even the more basic Yubikeys are worth it for protecting your most sensitive accounts (email, password manager, bank if you can). Even if most regular things don't support it, the important things do, and that's what matters imo.

  • @electroteque
    @electroteque Рік тому

    I use my Yubikey 5 for my Windows login also.

  • @HiveMind2024
    @HiveMind2024 Рік тому

    You look amazing without glasses.

  • @johnsynapse2407
    @johnsynapse2407 Рік тому

    Can using a security break siloing/isolation by being linked through the Key ID?

  • @B13SR
    @B13SR Рік тому +1

    Can you make a video privacy focused NAS/Home cloud storage.

  • @feudiable
    @feudiable Рік тому +1

    Thanks again for the great information! So do I understand that correctly that to back up your login method in case you lose/break your key, you still need a different (ideally 2FA) method to log in? (Be it another key, TOTP etc)

    • @mbunkus
      @mbunkus Рік тому +2

      Yes. Backing up your 2FA is indeed a problem few people talk about. This area is where authenticator-apps based schemes actually have an advantage: most offer to back up your set of TOTP settings & secrets automatically & regularly. However, those backups have to be stored in a safe way, too.
      As for hardware tokens: I have several friends that actually have two sets of tokens: one for daily use, carried around with them; and another one for backup purposes, stored somewhat safely but still easily accessible. For each new site they want to access they enroll both hardware tokens.
      If you don't have any type of backup of your 2FA device/software, you implicitly rely on the site's password recovery functionality - and all the insecurity that might entail (mostly a question of how secure your email account is). Then again, I don't know a lot of sites that actually allow you to disable password recovery functionality for your account. It's all a bit… meh.

    • @feudiable
      @feudiable Рік тому

      @@mbunkus Oh, I didn't even think about the password recovery options, thanks a lot for your insights!

  • @chalion8399
    @chalion8399 Рік тому +2

    You can't state it enough. You need to be as secure as you can make yourself online. No one is going to take care of your online presence if you don't do it yourself. You may be just one fish in a huge ocean, but there are many people just looking for an opening to take whatever they can get from as many people that they can to benefit themselves. So, using any extra security just makes sense, even though it may be sometimes annoying to have to use it.
    Once you start using extra security and get used to using it all the time, you will not notice that inconvenience anymore. It'll just be habit.

  • @lloydl2943
    @lloydl2943 Рік тому

    It seems like the Webauthn passwordless technologies such as Apple Passkey eliminate the need for hardware keys such as the ones made by Yubico, at least for individual users. Do you agree?

  • @josank
    @josank Рік тому +4

    Reflections and observations....
    1) Showstopper bugs as more of these are deployed. Emergency patches for your little key.
    2) Your primary and backup both get stolen/damaged/lost, especially when traveling internationally.
    3) The joy of dealing with logins when traveling after both keys, for whatever reason, choke.
    4) Designing security that relies on cheap, fragile dubious hardware.
    5) Hacks to work around the root cause, which are operating systems that have horrible, creaking architectures baked in which invite endless flaws and bugs (0 day exploit du jour).
    6) Making the login process so tedious and annoying that people just start avoiding doing business online as the overhead, stress and drama is intolerable.
    7) You need a trusted friend or family member to log into your account during an emergency (like being detained by authorities in some borderline police state) and they have confiscated your keys. You are so screwed.
    The examples given above are all based on real events encountered over the years in my job.
    I've been in the computer security business for a long time. It continues to devolve. Hacks on top of hacks.

    • @transmitthis
      @transmitthis Рік тому

      I'm halfway through Cory's "Attack Surface", so I'm inclined to believe you.
      Plus the other peeps above who mention the Security Keys are only ever an "option" for websites, with the fallback being phone text or email, which seems to render these keys of very little actual use.

    • @edwardmacnab354
      @edwardmacnab354 Рік тому

      Please start a channel ! ALSO--- I'm going to use phone text verification for all my online banking transactions , it seems reasonable but then, the bank gives me no other option anyway. I cannot say how well this works as I haven't even set it up yet . I wish I could just mail cash to people , far less risky !

  • @nancym1430
    @nancym1430 3 місяці тому

    at 16:41 you say that if your key is lost/stolen, you just log into the affected accounts and delete that key. So I assume you have to use the backup key to log in, right? Thanks.

  • @genericdude6551
    @genericdude6551 4 місяці тому

    I use these yubikey security keys and they can be a hassle to use. Especially if you want to make a backup key later.

  •  Рік тому

    Yubico's website suggested the bio series don't have PGP. I'm confused.

  • @beardlyinteresting
    @beardlyinteresting Рік тому +5

    I'd always thought it was strange that asymetric keys weren't used for web site authentication. It's nice to know this tech is now being utilised.

    • @catchnkill
      @catchnkill Рік тому

      It already does. Web sites now use https and it uses public key cryptology to prove that you are connecting to a site that it claims to be.

    • @beardlyinteresting
      @beardlyinteresting Рік тому

      @@catchnkill Yeah that's not what I meant. I meant that you can't register to a site by giving them a public key so then only someone with the corresponding private key could then login to that account.

  • @hmssirius9343
    @hmssirius9343 3 місяці тому

    Do you need multiple physical keys, for example, if you had more than one twitter or gmail account?

  • @gigigigi9479
    @gigigigi9479 Рік тому

    If someone gets hands on your security key( yubikey) can it be modified?

  • @tigreonice2339
    @tigreonice2339 Рік тому +1

    Make a video about Google authenticator. Because Yubico key it's not selled in my country : (

  • @junaid2606
    @junaid2606 Рік тому +1

    As far as I know, banks in India provide only SMS based 2FA, which is highly insecure and most government bodies don't have any form of 2FA at all. If they do, it's only SMS based 2FA again. 2FA and security in India really needs a big boost.

    • @NaomiBrockwellTV
      @NaomiBrockwellTV  Рік тому +3

      Banks everywhere are notoriously awful with customer security options

  • @sachybullock3855
    @sachybullock3855 4 місяці тому

    Is the Google Titan key good?

  • @DevinAdint
    @DevinAdint 10 місяців тому

    Now if they could make one with builtin key fob ability and schlag door locks that support ncf and fido and then just slap an airtag key chain on it and it would be the only thing and your phone you'd have to go out the door with.

  • @Torterra_ghahhyhiHd
    @Torterra_ghahhyhiHd Рік тому

    can i add yuby key on to the trezor?

  • @MichaelSekati-gg4rk
    @MichaelSekati-gg4rk 2 місяці тому

    Where do i make the purchase for those security keys? 😮

  • @JadeSambrook
    @JadeSambrook 10 місяців тому

    If I am using security keys do I turn off all other 2FA options (SMS and Authenticator App) to maximize security? Or is it okay to leave another option turned on (for example Authenticator App) in case I lose my security keys? In other words, what are the recommended best practices when, for example, an account like Facebook allows for several 2FA options to be turned on at the same time?

  • @rphilipsgeekery4589
    @rphilipsgeekery4589 Рік тому +1

    I'm using Google titan keys , with Google advanced protection enabled , I found yubi to be a bit tricky on android

  • @__-nr9yh
    @__-nr9yh 3 місяці тому

    So two or more keys can be tied to any one account at any one time, and any one of the keys can grant account access?

  • @generic_official
    @generic_official Рік тому +1

    If an online service (primarily banks) only offers Email or SMS for 2FA, would Email be the better choice if it's locked down with a Yubikey?🤔

    • @NaomiBrockwellTV
      @NaomiBrockwellTV  Рік тому

      A service locked with a yubikey is going to be better protected I would presume

  • @pauliusnarkevicius9959
    @pauliusnarkevicius9959 Рік тому

    What if Last Layer would have Weakness for messing everything around and no point for previous Inputs?

  • @karmakanic475
    @karmakanic475 5 місяців тому

    Minute 16:30 if someone steals my bag that has my laptop and authentication key. How can I log into my account from somewhere else when I don't have the key and I didn't make a backup?

  • @joseluisesquivelgregorio1948

    Hi, thanks for the video. I would like to mention though that I come from Instagram and the title of your videos did not make it easy to find the one I was looking for 😅

  • @send2gl
    @send2gl Рік тому

    Your video has spurred me on to look in to these devices. A quick comparison on price with Yubico and Google's Titan shows the latter at 2/3rds the cost of Yubico and the Titan cost is for two devices.
    Now I know one usually gets what one pays for but these do look very simple solid state hardware devices so am wondering what would prompt someone to buy an expensive one.

    • @NaomiBrockwellTV
      @NaomiBrockwellTV  Рік тому

      www.zdnet.com/article/new-side-channel-attack-can-recover-encryption-keys-from-google-titan-security-keys/

    • @send2gl
      @send2gl Рік тому

      ​@@NaomiBrockwellTV Thank you for prompt reply. Report does suggest physical possession of key is required to enact the vulnerability so guess it negates that weakness unless keyholder is a particular target.

    • @send2gl
      @send2gl Рік тому

      Further to my earlier query, the Google Titan sales page is a wee bit misleading, under what's in the box it gives the impression two devices are included, it is actually just one which therefore negates any initial bargain impression.

  • @almarma
    @almarma Рік тому +5

    Very interesting videos about security. I have one doubt though: I feel these keys are really secure against online threads, but aren't they much less secure physically? I mean, what if your children take it while you're sleeping to buy stuff online? Or worse, why if during a break at work, you leave it plugged in your laptop and a college or boss use it to spy on you?
    My examples are quite simple, but I suspect there're some potential risks there, at least from a first look at it.

    • @MrTibast75
      @MrTibast75 Рік тому +2

      Well even if they had the yubikey they would need to have access to your open computer with an open email right? Just remember to log out and it is fine.... And if this still concerns you, get a bio yubikey that requires a fingerprint too

  • @robloxfan4271
    @robloxfan4271 Місяць тому

    they are quite expensive, but worth it

  • @DSR299
    @DSR299 Рік тому

    What if my email is MSN and not Gmail AND the email is hidden in a Password Vault? AND, what if I want to only use a Security Key for the iPhone and NOT the Desktop Computer?

  • @ygt-cd3mg
    @ygt-cd3mg Рік тому +2

    I got 6 yubikeys, 2 security keys, 2 Yubikey 5C NFC USB-C and 2 Yubikey 5C NFC FIPS 140-2 USB-C. Not gonna lie it’s very addictive!

  • @Domo01
    @Domo01 Рік тому

    Tubi key 🔑 is the best for security.

  • @felixaudet5860
    @felixaudet5860 3 місяці тому

    With the increasing number of websites that mandate you to download an app on your phone, and then scan an on-screen QR code for authentification, there needs to be a safer alternative for those who don't want the risk of a phone app. One better way of doing this would be a dedicated device, or just an updated login key device, that would have a camera that would allow to scan on-screen QR codes.

  • @mrv1264
    @mrv1264 5 місяців тому

    You didn't discuss the most important issue: compatibility with web sites that the individual needs to use. The much larger challenge is for web sites, enterprises, services, etc. to adopt a given mechanism for individuals to use for 2FA. What good is any of these security keys of web sites don't offer it as an option for 2FA?
    At the end of the video around 17:00, you briefly discuss this, but you could enhance the discussion by addressing the various protocols and the problem that, even if a web site offers security key 2FA, the problem is compatibility and support of specific systems and protocols.

  • @danohanlon8316
    @danohanlon8316 9 місяців тому

    My bank uses 2FA codes sent by email-but I have also set up with it voice identification. So isn’t that really 3FA?

  • @cleofaspintolimalima1627
    @cleofaspintolimalima1627 Рік тому +1

    ❤️❤️❤️

  • @RobSnow-ui4sz
    @RobSnow-ui4sz 19 днів тому

    Now you have to use passkey in Google so how do I go back to only using a security key.

  • @zigmn903
    @zigmn903 Рік тому

    What about Pegasus?

  • @Samy-ck8oo
    @Samy-ck8oo 3 місяці тому

    the problem that render this keys unless is that when You get your session cookie after you do your MFA. If your session cookie is long-lived, and the adversary steals it, then they can impersonate you without compromising your MFA.

  • @Burps___
    @Burps___ Рік тому +95

    I lose my car keys...can't imagine carrying a Yubi key. 🔑

    • @GulfCoastGrit
      @GulfCoastGrit Рік тому +11

      Do you lose them just in your home or everywhere you go?

    • @speedracer9132
      @speedracer9132 Рік тому +33

      This is why you never buy just one, buy at least two, personally I have 3. Keep one spare at home and the other at a trusted family member’s home

    • @speedracer9132
      @speedracer9132 Рік тому +10

      @@kimsvendsen chances are your SMS codes are more likely to get hacked via sim swap or clone rather than hassles of these keys

    • @therealb888
      @therealb888 Рік тому +9

      @@speedracer9132 fact is, as much as we like to think hacking is solely technical, hackers always go for the lowest hanging fruit.
      Some countries have much stricter regulations and invasive identity checks for SIM registration like compulsory in person checking, (though easily beaten by corruption.) Even then, pickpocketing and theft are more common, making an authenticator app or sms more safe in these cases. Hell sometimes you can't even buy genuine hardware keys without insane tariffs & markups as an individual.
      This is why threat modeling is necessary. In edge cases, fundamentally more secure options can end up being less optimal.

    • @mr.amsterdam2063
      @mr.amsterdam2063 Рік тому +4

      @@kimsvendsen Loose 1 key still have your hardware YOU can remove the lost one, but if they get in your house and stealing all together you maybe right I dont know, what I do know is SMS is weak and easy to intercept. Conclusion, maybe you need to look a better way for 2FA sms? Solution, I dont know what is the best and most secured way. It depends personal and in wich case because we use all different senario. That is why for example a Yubikey has not just 1 kind of key, but many to choose from.

  • @per_sev
    @per_sev 2 місяці тому

    Would be even better if they allowed people to choose this as the first factor of authentication before the password can be tried.

  • @_Forever555
    @_Forever555 Рік тому +1

    Can you show us how to set it up? It’s hard to understand

    • @NaomiBrockwellTV
      @NaomiBrockwellTV  Рік тому +1

      Good idea, perhaps I'll put out a supplementary video. In the meantime, whichever account you want to add this 2fa for, go to the security settings for that account, and it will tell you whether they support security keys or other 2fa methods!

  • @dorothydeese2048
    @dorothydeese2048 Рік тому

    One thing to note

  •  Рік тому

    Nitrokey > all

  • @GuntherGlesti
    @GuntherGlesti Рік тому

    Can I later opt out of using a key? What if I lose the key?

  • @thomasreedy4751
    @thomasreedy4751 Місяць тому

    So where are all of the follow up videos going over keys other than YubiKey and Fido2 authentication???

  • @gmmxn
    @gmmxn Рік тому +1

    I have used yubikeys for years... Everyone should do the same, in fact some of my relatives and friends are going to receive yubikeys as Christmas' present.

  • @ramadaneel8048
    @ramadaneel8048 9 місяців тому

    What is the use of 2FA and security key if your wifi is hackable with a single linux command ?

    • @smart_computing
      @smart_computing 6 місяців тому

      Why do u hack the wifi in the firdt place, is it not to get password, now via security keys no password to send. The private key only stays on the device, you can't get it.

  • @4NowIsGood
    @4NowIsGood Рік тому

    What happens if I lose all my keys,no secret seed praise to configure a new key? I'm afraid of being locked out forever from some sites that won't believe me.

    • @stacknsat
      @stacknsat Рік тому

      There is a new wallet coming out called timepaysme

  • @geraldmorrow7069
    @geraldmorrow7069 Рік тому +1

    Will passkey make hardware key’s irrelevant?

    • @NaomiBrockwellTV
      @NaomiBrockwellTV  Рік тому +1

      I don't think so, you should still use 2fa even when passwordless