NEW! Strongest 2FA for Apple devices - Yubikey + iOS

Поділитися
Вставка
  • Опубліковано 15 лис 2024

КОМЕНТАРІ • 220

  • @markukblackmore
    @markukblackmore Рік тому +40

    None of the videos on this topic cover the most important aspect. Which is what are the events that require the key to be presented? Do I need to have a key with me or can I leave it at home? I am not worried about losing my phone. But I do want to have a contingency for being robbed. If it am robbed of both iPhone and key - which does seem likely - then what? I see the key has its own PIN. Is that always requested?
    I’ve started to use screentime to restrict Apple ID access with a separate PIN, the screentime PIN. How does that affect when the iPhone prompts for the hardware key? A video covering these aspects would be so much better than just walking through the settings.

    • @sashadebosh
      @sashadebosh Рік тому +6

      Yes!

    • @HazyIPA15
      @HazyIPA15 10 місяців тому +14

      1000% agree. All of these content creators really miss the mark when it comes to real use applications. Imagine their views and subs if they did a 5 minute video covering actual use scenarios with Google, Gmail, iCloud, windows, devices Etc. just the top 2-3 uses for each would be phenomenal content but they can’t get their head away from elementary school set up videos.

    • @baby333
      @baby333 6 місяців тому

      Did you ever figure it out?

    • @baby333
      @baby333 6 місяців тому

      @@HazyIPA15 True.. did you know the answer to when will it be ever required btw? :P is it only to login to icloud/appstore?

    • @richstilke1227
      @richstilke1227 5 місяців тому

      Yubi keys don't work. This guy is just making money off of scamming them.

  • @LimpTwentyTwo
    @LimpTwentyTwo Рік тому +4

    Could you share your idea on why do you use 2 different iPhones? Do you have a video about that? Can you make one? it's really interesting to know!

  • @vanshrider5561
    @vanshrider5561 Рік тому +3

    So I have yubikeys on the way. My question that I have before I plug them in and do what you did on this video is
    Did you do anything to the yubikeys before you did the procedure in your video? OR do I just run through like you have in the video ? Can I set up the yubikey pin or passcode after the fact from my iPhone or iPad??

    • @dta97392
      @dta97392 7 місяців тому

      Did u ever get a answer from this guy or somewhere else?

  • @udvarhelyibalint
    @udvarhelyibalint Рік тому +28

    I feel like losing hardware keys have a much higher chance of happening than being hacked despite using a TOTP

    • @aliancemd
      @aliancemd Рік тому

      And in comparison with modern phones, these keys are not findable

    • @Tech-geeky
      @Tech-geeky Рік тому

      @@aliancemd worse ever.. Having said that, i refuse use to use "Find my" on Apple devices, Perhaps it's just because i value some things more than others.

    • @Tech-geeky
      @Tech-geeky Рік тому

      I dunno... i mean not many people i know have YubiKeys...
      Everyone is on the internet today.. You choose. There is no comparison as the choice is crystal clear.

    • @ramonbs6075
      @ramonbs6075 Рік тому +7

      That’s why you must have redundancy

    • @Vim_Tim
      @Vim_Tim 9 місяців тому +8

      This isn't a big deal for a few reasons:
      1. Most accounts require at least 2 security keys to be registered. You're supposed to keep the backup somewhere safe in case 1 key is lost. In contrast, many TOTP apps have no backup or a code backup that hopefully is written down and not lost.
      2. The key doesn't tell you where it's registered, so someone who acquires a lost security key needs to find out somehow what accounts the owner uses. In contrast, TOTP apps often tell you where the code is registered.

  • @davidstone408
    @davidstone408 Рік тому +18

    Chris - you missed out a few important issues - 1. If you have windows devices connected to you iCloud account this will not work. 2. If you have managed Apple ID this doesn’t work (school or Business) managed devices 3. Child Accounts and Older Devices of course - so some major concerns

    • @scottmdecker
      @scottmdecker Рік тому +1

      I enabled 2FA using Yubikeys and then launched iTunes on Windows and was able to log into my Apple account without any issues.

    • @Tech-geeky
      @Tech-geeky Рік тому +2

      Apple likes to do their stuff THEIR way.. If they do have it, it would be only local.
      I think its the same reason Apple wouldn't apply other apps access apart from Trusted Devices they like to enforce for the same reason.. As much as secure others wanna be, Apple thinks any link (like use of third party app to authenticate), can be missused... If the app got tamped with, downloaded from a malicious source., or on iOS "jailbraked". As good as iPhones are they really don't like to give people options either. The only way they can verify, if they do it directly...

    • @Lucas_van_Hout
      @Lucas_van_Hout 11 місяців тому

      The no windows sucks

  • @panosp94
    @panosp94 Рік тому +4

    Thank you so much for the advice ! Always relevant!🙏You mentioned something about two separate phones! I have been brewing this idea in my head for a while now but can’t seem to be able to find the following answers to: which phone holds which info?, can I have all my banking on one and the rest on the other? (Leave one at home ?) Can I use same appleid on both?, If someone steals one - can they break into both? The main question is what would be the best way to separate one category of info from another ! Sorry for the list but have hit a wall! 😂thank you and keep up the great work for us !!

    • @dta97392
      @dta97392 7 місяців тому +1

      Did u ever get a answer here or anywhere?

    • @benalbritton999
      @benalbritton999 4 місяці тому +1

      I’m going to be using a separate dedicated device, either an iPad or iPhone, for banking / financial with a separate dedicated iCloud account used only on that device, not on any other devices. No web browsing. No clicking on links. No other activity, just the banking / financial. Only using the email that comes with that dedicated account, if I even use that email. I’ll be locking the account with a physical security key such as Yubikey. If something happens, such as losing all my security keys, then I’ll just start over again. It will be the iCloud account I’m locked out of, not the banking.

    • @panosp94
      @panosp94 4 місяці тому

      @@benalbritton999thanks for the guidance! Yes a separate device is I think the way to go!

  • @notreallyme425
    @notreallyme425 Рік тому

    Seriously, the hair looks a lot better than it did in 2020.

  • @dukeseb
    @dukeseb Рік тому +1

    Something u are, something you know and something you have

    • @aliancemd
      @aliancemd Рік тому

      That’s for FaceID. He is encouraging people here to switch away from 3FA, to 2FA(password + hardware)…

  • @ABOhiccups
    @ABOhiccups Рік тому +1

    Thank god! Thank you! Having iPhone as 2FA for Apple Account is a horrible idea! What if my iPhone bricks? Then I’m screwed! You need to login to your Apple Account to check in for your iPhone repair or replacement. Using Yubikey as 2FA is way better and more secured!

    • @Tech-geeky
      @Tech-geeky Рік тому

      The same can be said about these FOB keys.. what if you loose them ? Unlike a phone you CAN set up to track it, how can you track a secure token ?? If you could, wouldn't that break the secure model ?? etc... There are always trade-off's.
      This could be the reason why these FOB's will never be global standard for all by default.. They can;t... I don't see how when you have to give users options.

    • @ABOhiccups
      @ABOhiccups Рік тому

      @@Tech-geeky There was a tracker device for U2F Security Keys. And there are many more options out there!
      ua-cam.com/video/Z92JMdPrbu0/v-deo.html

  • @garyhenwood-fox9814
    @garyhenwood-fox9814 Рік тому +8

    I was expecting prompt for a security key when changing my Apple ID password on a trusted device - but it doesn't. so if iPhone passcode is compromised, you can change Apple ID password and remove security keys because its already logged in as a trusted device - why is that ?

    • @Waltaere
      @Waltaere Місяць тому

      That part is up to us to not let any unsavory entity(s) get to close to our stuff

  • @teamvigod
    @teamvigod Рік тому +20

    Did you remove your other forms of authentication or only use Yubikey as additional form of 2FA?

    • @vrbz
      @vrbz Рік тому +1

      if you trust that you won't lose it then remove the rest, since others are actually quite insecure despite the name

    • @aliancemd
      @aliancemd Рік тому +2

      It’s not true that it’s “insecure”, if you use FaceID on your queried device. You are switching from 3FA(biometrics - “what you are” being the 3rd authentication mechanism) to 2FA…

    • @Tech-geeky
      @Tech-geeky Рік тому

      @@vrbz That's the problem right... anything extra you have, even when its smaller, the risk of loosing it, increases
      While SMS is not secure, you have to go to great lengths to loose a mobile phone,. One way, would probably be attaching Yubikeys to your keyring, so where ever your car keys go, they go
      I have regular USB keys i store important stuff on, and i only keep them in my wallet... That's way, i always know where they are... (I'm not likely to loose my wallet) yet.... But IF that ever happens, i'lll deal with that when it happens.

    • @ravis1059
      @ravis1059 3 місяці тому +2

      ​@@aliancemd The problem with FaceID is that, it can be bypassed to use passcode to unlock

    • @pwh5805
      @pwh5805 15 днів тому

      @@vrbzTry removing your phone number as a 2FA option in your Apple account. I’ll wait.

  • @aliancemd
    @aliancemd Рік тому +8

    2:01 “phones can be lost or stolen” - same goes for YubiKey, the only difference here is that modern phones are findable while you can say bye to your YubiKey.
    Technically, authenticating with iPhone FaceID is more secure(that’s besides the fact that it is findable in comparison to YubiKey), it’s 3FA: password(what you know) + phone(what you have) + biometrics(what you are).

    • @emerelle3535
      @emerelle3535 Рік тому

      I feel like TouchID or FaceID are just replacing the password: Phone AND (Password OR biometric).
      Also the YubiKey in this scenario ist just 2fa for the Apple ID itself, like, when you add a new device to your Apple ID. You still unlock your iPhone with PIN or biometrics.
      But I don't think the device itself where you logon is counted as a factor, or otherwise every login would be 2fa by default since you need a device (computer/phone) to put your login-data in. :P

    • @aliancemd
      @aliancemd Рік тому

      ​@@emerelle3535 The devices are counted because somebody stealing(ex: random website database dump where you used the same password and email) your Apple login and password, gets access to 1 authentication mechanism but now needs to obtain your phone and biometrics, to be able to login into your account.

    • @Tech-geeky
      @Tech-geeky Рік тому

      I guess ya, you can get addition hardware which would track this stuff, why why should you need to ? If something by design promises its secure, why is it let down by "oh right, you need something else to track it"
      Why isn't it part of Yubikey ?? If your gonna make promise sin security, do it.. In fact, i could argue loosing something is actually the "most important" thing. as everyone has the tenancy to loose stuff .. You can't fix that problem.

    • @richardpetty9159
      @richardpetty9159 Рік тому +1

      That’s not the only difference.
      The a lost iPhone is a goldmine asset; a lost Yubikey is just a tiny bit of worthless junk.

    • @BrainFester
      @BrainFester 10 місяців тому

      “Yubi key security key pass code”. Where does that come from?

  • @tsentry
    @tsentry Рік тому +4

    Where’s the old music? 😊

  • @rydmerlin
    @rydmerlin Рік тому +4

    Can a single yubikey be used for multiple sites?
    This video is incomplete without a demonstration of how to use the key after you’ve added it to your Apple ID.

  • @st.josephsparishtakapuna1433
    @st.josephsparishtakapuna1433 Рік тому +1

    And what happens if your yubikey is lost?

  • @mikemckenna4816
    @mikemckenna4816 Рік тому +1

    Does enabling this on my Apple ID mean that it’s enabled on all devices or just this device that I enabled it on?

  • @vijayshukla5312
    @vijayshukla5312 Рік тому +2

    In your video, you mentioned about entering pin for Yubi keys. Where do I get the PIN?

    • @lewisdoe4137
      @lewisdoe4137 10 місяців тому

      When you first setup key they ask you to create a pin too

    • @BrainFester
      @BrainFester 10 місяців тому

      @@lewisdoe4137 Who’s they? Yubikey web site? Apple? Thanks

  • @Opa747
    @Opa747 Рік тому +1

    At minute 5:00 you talk about the iPhone without a plan. Can you talk a bit about that? Is there a SIM card? Or does it just use home wifi? Where do you get them? Are they the unlocked phones I hear about?

    • @dta97392
      @dta97392 7 місяців тому

      Did u get a answer? this seems to be a TERRABLE Channel for answering questions/

  • @P3NGU1N10
    @P3NGU1N10 9 місяців тому +1

    i have a question. ! how do you change or remove a yubekey after loosing one of them, wanted to replace with 3 keys.

  • @aliancemd
    @aliancemd Рік тому +7

    People, please don’t do this…
    If you have FaceID enabled on the device receiving the code, you are using 3FA(password+findable hardware+biometrics/who you are). Please don’t switch from 3FA, to 2FA(password+non-findable hardware) because a guy made a video about it…

  • @emerelle3535
    @emerelle3535 Рік тому +7

    I also think about protecting my AppleID with three security keys but I’m still too concerned of locking myself out during vacation or when I’m not near at one key. :/

    • @m.simmons7149
      @m.simmons7149 Рік тому +5

      I have the same concern. Although, you could always carry a Yubikey on a keychain, as many do, in situations where you think you might need it. (It's seems very unlikely someone would steal both your iPhone and your Yubikey at the same time).
      And you could always leave your Yubikey at home (or in a hotel safe when on vacation) when there's a greater risk, e.g. when going out for the night or traveling.

    • @aliancemd
      @aliancemd Рік тому +1

      Don’t get why you would go from 3FA(password+findable hardware+biometrics) to 2FA, “because a guy on the internet made a video saying it, so it must be true”

    • @Tech-geeky
      @Tech-geeky Рік тому

      some things are 'secure enough'. Give me an option to disable 2FA while understanding the risks for 'individual's" account, and i'll turn it off within 2 minutes..
      Forcing people down a road... Its a travesty against nature.. This little black duck goes his own way

    • @Tech-geeky
      @Tech-geeky Рік тому

      I get locked out as is... How secure is secure ? No one like to use multiple methods just to access their Apple account. 2 may be ok, but not 3 or 5 ... That's going overboard..
      People can say their the "most secure kid on the block" but at what cost ? If you have to go through multiple layers, it's not going to be very good, when you need it most, but loose one of those. Basically, the more you have, the more you have to rely on yourself too.

    • @aliancemd
      @aliancemd Рік тому +1

      @@Tech-geeky "but not 3 or 5 ... That's going overboard..". 3FA with iPhone is easier to do(just pick your phone and look at it) than 2FA with YubiKey(insert into a USB port, wait a sec and then touch it).

  • @simonb7556
    @simonb7556 Рік тому

    A good clear video. What is the mat on your desk?

  • @TheJoaolyraaraujo
    @TheJoaolyraaraujo Рік тому +12

    When I’ll be asked to use the key? Only to setup new devices? Can I still have a security code? Dois this disable the Apple’s 2FA trusted devices?

    • @Matschbacke25
      @Matschbacke25 Рік тому +3

      Yes, when you want to sign in to your Apple ID. And no, you cannot use security codes anymore.

  • @utuber1000
    @utuber1000 6 місяців тому

    I use a Mac but my phone is an Android and I don't want to switch to an iPhone or an iPad. Does this video tell me how to set up my Yubikeys with my setup; or can you tell me here?

  • @dudeh9702
    @dudeh9702 Рік тому +2

    What do you use the 3rd YubiKey for? Primary, backup, off-site? Primary, backup, spouse?

    • @NoSubstitute
      @NoSubstitute Рік тому

      Yes x 6. 🙂 Also, you may have systems that need a different kind of key, or you want a Nano that's always inserted in the device.

    • @everyhandletaken
      @everyhandletaken Рік тому +3

      @@NoSubstitute I’ve always struggled to understand the nano, I must be missing something. If it’s plugged into a pc or laptop & said item is stolen, they have your device & the key, so what protection is it providing?
      Sorry if I am too stupid to see something obvious here.

    • @garolstipock
      @garolstipock Рік тому +1

      @@everyhandletaken No.. you are correct, but for some people, they have decided to balance security with convenience, leaning more toward the convenience side of things.
      It can prove to be very difficult and maybe frustrating enough to be a zealot at this that one might abandon use of the keys if it proves to be a frustrating endeavor. I did for a time.. I simply don't live with my housekeys physically on my person all the time, especially when using a computer at home. It had become a real pain as my keys were somewhere else too many times when I needed them to authenticate into a site/service.
      Almost walked away from using the keys, and did for a spell and went back to TOTP on authenticator app. It was later that I decided to cure my frustration by using YubiKey neo's in my desktops at home.
      I understand the risks, and have had the debate with myself, but in the everyday I find having to reach for the one key.. and at this point, it isnt one key, because my desktops are older units and only have USB-A ports, and my laptops and mobile phones have USB-C for android and laptops, and lightning for my iPhone, so even then, the solution that works for the desktops wont do anything for all the other devices I have.
      So, the desktops get Neo's and I have a series 5 C for all the rest that I use when generally out of the house.
      This is the solution I arrived at that works for me, with full knowledge and acceptance of the risks. I figure if I have a home invasion where those keys are taken, I can go into the accounts where they are used and remove those keys. I'm thinking it'll be some kind of epic day if that were to actually happen. Not impossible, admittedly, but... whew.. I don't think so.. So much more sensible swag in my house to swipe other than my computer keyboards (that is where the neo's are plugged into on my desktops).

    • @everyhandletaken
      @everyhandletaken Рік тому +1

      @@garolstipock I really appreciate the in-depth response, super helpful for my understanding on this.
      You definitely raise a very good point that I had not thought of.. I just had in my mind that the nano would be plugged directly into a USB port, but having it plugged into a hub or keyboard, in your case, makes a lot of sense. As you say, thieves probably cares about stealing a keyboard or a USB hub!
      Definitely going to grab a couple a couple 5 series. Thanks.

    • @Tech-geeky
      @Tech-geeky Рік тому

      @@NoSubstitute "your in dongle heaven buddy" :)

  • @16deliafern
    @16deliafern Рік тому +1

    Why is your one Yuba key without a black cover? Did you remove it? I don’t see that option on their website, but it looks cool. Can I buy it that way?

    • @dta97392
      @dta97392 7 місяців тому

      No answer?

  • @m.p.5821
    @m.p.5821 Рік тому +5

    I love your videos, but why are you no longer reviewing Ubiquity products?

  • @FreddyMorales
    @FreddyMorales Рік тому +1

    What happens if I loose the key?

  • @briangreene4277
    @briangreene4277 Рік тому

    Question: Does the product support IOS 17??

  • @Ben-sz4ow
    @Ben-sz4ow 8 місяців тому

    Great Info thanks!

  • @vagnsteen5130
    @vagnsteen5130 Рік тому +1

    Where did the key PIN come from? "Once your Yubikey is detected, you’ll have to enter in your Yubikey PIN code and do the..."

  • @SteveEarly-jn6kp
    @SteveEarly-jn6kp Рік тому

    thanks for the video! question, I have used the2 yubi key2 to lock my Apple ID on my Mac Pro and I phone! will that automatically lock it on my iPad or do I need to use the yubi keys to lock it out on my iPad? thanks

  • @JodiSte02
    @JodiSte02 Рік тому +2

    My yubikeys don’t seem to have pass codes. They were just recognised and worked without issues. What is this pass code about?

    • @Waltaere
      @Waltaere 8 місяців тому

      Yea, i too am wondering the same thing 🤔 lols

  • @xlion
    @xlion Рік тому +1

    But don't support on Windows, so I can't enable it, or I will not able to login on Windows application.

  • @jadamsnz
    @jadamsnz Рік тому +2

    I'm using standard 2FA with my Apple devices. While some can run 16.3 others can't and none of my Macs can run Ventura. If I were to add Yubikeys to my account would the older devices still use the current 2FA method and the newer devices use the Yubikeys or would I have potentially locked myself out of using the older devices for 2FA or some other weird combinations of 2FA and Yubikeys depending on device?

    • @NoSubstitute
      @NoSubstitute Рік тому +2

      It's not going to let you enable it with older devices connected to your AppleID.

    • @jazzmastert
      @jazzmastert Рік тому

      I have a feeling you have to update to log in. I tried to log an older Mac running Catalina into iCloud and it told me I’d need to update my OS!

    • @aliancemd
      @aliancemd Рік тому

      You are actually using 3FA, if you get the code on a device with biometrics, like FaceID.
      He suggests switching from 3FA, to 2FA

  • @quiles26
    @quiles26 Рік тому +2

    I started using proton mail. Unfortunately unless you pay a premium you can only see one account at a time. Would it still be secure to add the PM accounts to Apple mail?

    • @NoSubstitute
      @NoSubstitute Рік тому +2

      You shouldn't be using other apps to manage secure email, like Proton.

  • @JohnSmith-zl8rz
    @JohnSmith-zl8rz Рік тому +1

    Video start at 5:23 thank me later!

  • @Cyber_Okie
    @Cyber_Okie Рік тому

    Where did you get the clear version? I’m not seeing it listed on their site.

    • @haraberu
      @haraberu Рік тому

      It was a limited edition.

  • @ultrastoat3298
    @ultrastoat3298 4 місяці тому

    The problem with this is that they essentially remove your one time passcode option, or they make it very convoluted to get to because I could never find it. For example after I registered by 2 security keys i could NOT login to the website without them. Like at all. There was no send push notification to your your iPhone option like there usually is. So I promptly deleted them. I want these in ADDITION to the way I login now, not INSTEAD of.

  • @RenoirB
    @RenoirB Рік тому

    Did you yry out YubiKey as a « Smart Card » for macOS login?

  • @waleedantar4991
    @waleedantar4991 Рік тому

    Can I use type C with iPhone when I want install it first time via NFC ?

  • @FFWrench
    @FFWrench 11 місяців тому

    Can you update with a new video? iOS 17.2 is not the same and there isn't an obvious place to add physical keys.

  • @SeanPea
    @SeanPea Рік тому +2

    Does Pixel / Android support this natively too? If so, can you do a video on it?

  • @RobbieRobski
    @RobbieRobski Рік тому

    I don't use apple products, but is this only securing your apple id so you need these keys to log into apple services, or does this also mean you can't unlock the phone without the hardware key?

    • @david-tracy
      @david-tracy Рік тому

      Good question

    • @Tech-geeky
      @Tech-geeky Рік тому

      I'm gonna assume 'services'.... Apple locks down their devices pretty good and they won't trust anyone, but themselves.. If they doi end-to-end security without a third party app, (fear of not able to verify) why would they allow it here to just unlock your device locally? Either way, your using 3rd party product/app etc. ... to unlock a product you bought from Apple. Still be the same situation, It would be convenient.

  • @ronm6585
    @ronm6585 Рік тому

    Nice! Thanks.

  • @dukeseb
    @dukeseb Рік тому

    I like the idea of them but honestly the convenience is not there.

  • @shexie9073
    @shexie9073 Рік тому +1

    What I don't understand explained on this video is why the hell iphone needs a minimum of two yubikeys, aanyone here please care to explain? Was it just plainly really for redundancy in case you lose one of it or this is the default minimum for IOS 16.3 by default?

    • @sermarr
      @sermarr Рік тому

      Good question. It's best to have a backup key, but I seriously don't think it's necessary if you have another backup method. For example google has 10 one use codes, or Authenticator that you could keep on an old backup phone. I think it's just laziness on Apple's behalf and they only have this method implemented. They probably think you should go full security gung-ho with two keys, because Apple products are overpriced anyway, you have the money to spare, so you can afford two yubikeys. If they DO have other methods, like Google has, well.. that's Apple for you. Btw I don't own Apple products but I work with them, that's why I watched the video. And.. I only have one yubikey.

    • @melorama808
      @melorama808 Рік тому

      This is actually a smart thing Apple did with this implementation. Yes, theres no technical reason why you cant just enroll a single key to your account, but to not enroll at least an additional backup key would be a very very bad idea. Having a 2-key minimum basically forces the user to not make that mistake. Unlike other 2FA mechanisms, theres no way for Apple to reset your Yubikey 2FA if you lose your key. Having an additional "backup code" method like Google does defeats the purpose of why youd want to use Yubikeys to begin with. The whole point of security keys is to minimize the possibility of having your 2FA codes phished or obtained by malware, etc. If you have a list of "backup codes" saved or printed out somewhere, they can be compromised without your knowledge. The Yubikey requires that you physically insert the key, AND that you touch the key when the site/service requests the authentication, so it's effectively malware/phish-proof.

    • @sermarr
      @sermarr Рік тому

      @@melorama808 I agree it is the best, but not everyone, like me, is willing to buy two keys as I'm just trying it out for now. I think it's just patronizing. Typical Apple. And they already have other methods in place that are as insecure or worse than having only one key. So no. It straight patronizing, or laziness, or they hold yubico shares.

  • @Dennis-gv6xv
    @Dennis-gv6xv Рік тому

    Great video, one question after plugging it in I am not getting prompted for passcode/PIN for the Yubikey, do I have to set that up separately?

  • @williamdavis2565
    @williamdavis2565 Рік тому

    Question: I do have an iOS device with the requisite OS. Once I set this up on that device, is it possible to set up the Apple ID on an older device using an older iOS? Thank you in advance.

  • @debbiehenry7756
    @debbiehenry7756 11 місяців тому

    I have an iPad & iPhone 15 pro max There is no place to plug in anything but a charger.
    My phone I can hold the key to & it works
    The iPad, doesn’t work
    Help please

  • @dta97392
    @dta97392 7 місяців тому

    I c some questions I would like answered also/ does this guy answer them? evidently not

  • @electronroom
    @electronroom Рік тому

    Can I have security keys from different manufacturers for redundancy? Say a Yubikey and the backups are Feitian and a Trezor?

    • @aliancemd
      @aliancemd Рік тому

      If you trust all the manufacturers, why not. Remember that every separate key is a door into your account.
      Using FaceID on the queried device is still more secure…

  • @chiendo2000
    @chiendo2000 Рік тому

    Can you delete the registered key with Iphone passcode. If you can then you are back to the current iphone security problem that if someone steal your phone with your passcode then they can change the Apple ID

  • @daveaultman7688
    @daveaultman7688 Рік тому +1

    Why bother with hardware keys if you’re leaving SMS 2FA enabled?

    • @Tech-geeky
      @Tech-geeky Рік тому

      its more secure ..... However, convenience always seems to over-ride everything now-a-days too, so i don't blame people for not using these dongles, because its dictated (like everything), "where" you can use them,
      Until you force users out of the 'comfort zone' nothing will change on a mass-scale. I mean, banks here in Australia, few offer Yubikey access and excuses start to boil over very quickly. "Don't use Westpac, because they still rely on SMS"
      just to make the point of course. You can say the same about anything. I'm sure credit union like P&N bank don't offer this either, but i don't care. Its extra security, thankfully

    • @lewisdoe4137
      @lewisdoe4137 10 місяців тому

      Technology changes over the years so it good to keep up with it

  • @Zedris
    @Zedris Рік тому

    Problem with yubikey totp tht i found out is that there is a limit to how many they can have. 30 or 39 is the max if im not mistaken which was a huge bummer

  • @jwspock1690
    @jwspock1690 Рік тому

    Top - Thanks !

  • @foodlover9610
    @foodlover9610 Рік тому

    So if I get the keys to add to iCloud, can use the same physical keys for other services as well? Like google. Or do I have to buy one key per accounts?

    • @NoSubstitute
      @NoSubstitute Рік тому

      One key for multiple accounts! One key for multiple devices! But you should always get two, so you have a backup for when you lose the other (not break, as they are basically indestructible).

    • @lewisdoe4137
      @lewisdoe4137 10 місяців тому

      Those keys can break it how to be really really really strong to do so

  • @robwin0072
    @robwin0072 Рік тому +1

    Does implementing Yubikey on the iPhone replace Face ID or passcode to unlock my iPhone?

  • @lelanydegiacomi4044
    @lelanydegiacomi4044 10 місяців тому

    Exactly that’s happened all my private phone it goes to . 😢😢.

  • @shadow.banned
    @shadow.banned Рік тому

    Safety first.

  • @roger1818
    @roger1818 Рік тому +1

    It seems as though you didn’t need to use one of your keys to add the third. Does that mean if someone steals your phone and Lock Screen passcode (it’s a thing) they could just add a new key to bypass this protection?

    • @RobbieRobski
      @RobbieRobski Рік тому

      Based on my experience with these and other services, once you are already authenticated then you can do whatever.

    • @roger1818
      @roger1818 Рік тому

      @@RobbieRobski IMHO, administrative changes that are only done occasionally should require more security. I was hoping Yubikeys would plug a security hole that thieves are taking advantage of. They secretly watch someone enter the lock screen passcode while out in public.(often at a bar restaurant), and then snatch the person’s phone. Within minutes they have changed the persons, iCloud, password and disabled. Find my iPhone. They then look at the persons, keychain defined all their passwords and transfer out all their money. The person is then permanently locked out of their iCloud account, losing all their photos if they’re backed up there. In some cases, they’re also permanently locked out of all the other Apple devices like MacBooks, and Apple, can’t help them, unlock them.

    • @RobbieRobski
      @RobbieRobski Рік тому

      @@roger1818 I understand what you mean, but it's not ubikey or any u2f key mfgs responsibility. That would fall on apple or whatever service th provider that implements u2f.

    • @roger1818
      @roger1818 Рік тому +4

      @@RobbieRobski Agreed. I wasn’t suggesting that it was Yubikey’s responsibility. I was suggesting that it would be a good tool for Apple use to plug this hole. Apple allowing users to add additional keys (after the first 2 I’ve been set up) without requiring the use of a key is a hole.

    • @pto44
      @pto44 Рік тому

      @@roger1818 You can't disable Find My or those other things such as changing passwords without also knowing the Apple ID password. So it takes more than knowing the lock screen passcode. The YubiKey is required in addition to the Apple ID password, as I understand it, so the thief would need to know the passcode, Apple ID password and also have an authenticated YubiKey before a new one could be added.

  • @vanshrider5561
    @vanshrider5561 Рік тому

    Ps now a subscriber ✅

  • @Tupac623
    @Tupac623 4 місяці тому

    Hello guys, i don’t have “add security keys" in settings , but i have à iPhone 12 mini… and apple 16.0.3 . Help me please 😅☹️💪

  • @tenzingngodub641
    @tenzingngodub641 Рік тому

    You lose your phone together with this device & now you have the highest level of security 🤣

    • @Tech-geeky
      @Tech-geeky Рік тому

      😆 I don't wanna be like that.. Its my number #1 worse fear, but i only have my USB keys as my 'protection"
      If they go, so do I.

  • @pnddesign
    @pnddesign Рік тому

    Thank you so much !

  • @scottmdecker
    @scottmdecker Рік тому +1

    The benefits of adding security keys appear to be nullified (or at least reduced) because iOS does not prompt for a key when attempting to change your Apple password from a device that is signed into iCloud and has passcode enabled.

    • @jajuanyoung
      @jajuanyoung Рік тому

      You can encrypt your iCloud can get a key for it.

    • @Tech-geeky
      @Tech-geeky Рік тому

      @@jajuanyoung what i don't understand and i guess to me "it seems to be a flaw" in Apple's end to end. but with iCloud, why is the user asked to enter the 'same password that they use on the Mac to login" to encrypt files in iCloud?? Easy to remember, is the only reason, but if Apple heeded security, should it be a a random password each time ? And if they use encrypted data for already stored files, then it should be stored on decide to decrypt ?
      iOS has keychain equivalent, just like Mac. so why isn't it used for this ? Sometimes i refuse to login to iCloud on iOS, because (by design) your forced to enter your Mac''s password to encrypt files (weather you actually intend to use icloud storage or not)
      On the Mac you can choose to skip this part, but you still login *separately*. It should be separate but on IOS it's not. Just give me a ransom password to encrypt files, and it will work, instead of trading security for convenience.

  • @ByteMeCompletely
    @ByteMeCompletely 7 місяців тому

    Nonsense. I recently bought a Yubikey 5 Nano and a 5Ci. I can register the 5Ci as a security key with my iPhone SE2, but not the Nano. These products are too difficult. I wasted $135.

  • @H4ram
    @H4ram Рік тому

    5:17 if you only came for the setup

  • @OmarrReid
    @OmarrReid 9 місяців тому

    Even though ios may allow you to integrate the yubi to the phone, it still hasn't altered it's code for the fingerprint option to be triggered such as with a bank. Of course most banks allow win or ios app downloads, and as for the ios, even with active yubikeys it only offers the face signin and not fingerprint. Apple is still blocking access! It will not allow say: when your phone is locked and not in use and you want to sign in again, it will not allow a fingerprint option to be be triggered or preferred. Thus far, as for my ios device, the yubikey is literally useless. Also, when you try and add an account, it will say, there are no credentials for this device and or will not accept the QR scan, say when you attempt to integrate chrome account etc.

  • @chuckwhite3033
    @chuckwhite3033 5 місяців тому

    Don't lose that key!

  • @_andres.hg_
    @_andres.hg_ Рік тому

  • @lindamastropietro4429
    @lindamastropietro4429 2 місяці тому +1

    I have no idea what the hell you’re talking about

  • @SuperStoner760
    @SuperStoner760 Рік тому

    bruh one step away from everyone being chipped

  • @stevenmaile6547
    @stevenmaile6547 Рік тому

    Bout time

  • @ironfist7789
    @ironfist7789 Рік тому +2

    I don't like apple, but glad that the Yubikey works in more places.

  • @jpbeauch1
    @jpbeauch1 Рік тому

    What if you’re iPhone got stolen as the same time of the security keys?

  • @starcitizen890j5
    @starcitizen890j5 Рік тому

    Using 2FA keys seems to lock me out of iTunes on my PC. I can’t play any of my music I pay for on Apple Music anymore on my PC.
    It’s a real down side. You can’t unlock iTunes with your 2FA keys because Apple are not supporting it on windows right now . So basically Apple is trying to force you to buy an iMac to get this basic functionality back. It’s a bad joke for everyone with a windows computer.

    • @zzrelaaxx8945
      @zzrelaaxx8945 Рік тому +1

      Bro you say it like it was a secret, they said It on there website clearly both apple and Yubico so next time read carefully

  • @SnowyRVulpix
    @SnowyRVulpix Рік тому

    Yubikey is probably the worst 2fa method. It is small, and far far far too easy to lose or destroy.
    To use my authy codes, a thief would have to bypass my phone’s faceid security.

    • @aliancemd
      @aliancemd Рік тому

      Apple ID uses 3FA by default(password + hardware + biometrics on the receiving device), if you have FaceID enabled.
      He is encouraging people to switch away from the default 3FA, to 2FA(password + non-findable hardware).

    • @Tech-geeky
      @Tech-geeky Рік тому

      @@aliancemd not everyone uses FaceID.... I still have my iPhone 6s Plus. and will continue to buy them as long as i can still get them... I don't need all the fancy crap of today...
      Its good technology, sure, but its a bloody phone, not a Swiss army pocket knife. If it wasn't for the fact mobile providers forcing everyone onto 4G (and up) as shutting down 3g network, i'd be still on their as well.

    • @jrwebb2
      @jrwebb2 7 місяців тому

      You can bypass faceID with the pass code. This adds another layer of security to your Apple ID.

  • @sparkybearbomb533
    @sparkybearbomb533 Рік тому

    I hate to be the bearer of bad news, the ToTP is not bound to the key and your app, it is bound to the key only, anyone can download the app and access the TOTP codes, no authentication required.

    • @everyhandletaken
      @everyhandletaken Рік тому

      So, you don’t require they key in order to login (or hack in) to your totp account & access the codes?

    • @sermarr
      @sermarr Рік тому

      @@everyhandletaken I think you can add a pin to be able to get the TOTP private key from the yubikey. But you must consider all this 2FA stuff is really to protect yourself from REMOTE attacks... hackers. Not really for cases when your phone or keys are stolen.

    • @everyhandletaken
      @everyhandletaken Рік тому

      @@sermarr onlykey seems to fit both criteria

    • @sermarr
      @sermarr Рік тому +1

      @@everyhandletaken That onlykey is nice, a bit expensive, but it does have a pin keyboard. There's also a yubikey with fingerprint scanner instead of a keyboard (and a pin backup in case you cut your finger) but I think it doesn't have NFC. In all yubikeys the pin input is "via software". I don't have a yubikey yet (it's on the way) so I can't say more. I'm still researching all this stuff 😅

    • @everyhandletaken
      @everyhandletaken Рік тому +1

      @@sermarr yeah, I really like the idea of the physical pin pad.. you’re right, there is the Bio Yubikey.. very expensive & no NFC, as you mentioned.
      At least with the Onlykey, I could still type my pin with a stick between my teeth, if my finger fell off lol
      ..but it has no NFC either 😒
      I haven’t made a purchase yet, but I think I will just end up going with the YK 5 series.

  • @rfxtuber
    @rfxtuber Рік тому

    Just one simple thought!!! What a mess! Its 2023 and yet they still have not solved the security login problem? Do you want to know why? Because they want third parties in the middle for control and profit... the yubikey is a good solution tho.. but if all the websites dont use it or understand it everywhere then it really becomes expensive and pointless.. We need to see more info on the lock out situations.. Loosing the key, backup and solutions that do not require the bloody cloud...in addition non tech users are really getting left behind and confused big time... WHAT A HUGE MESS!

  • @TVSNOWOWL
    @TVSNOWOWL Рік тому

    So you need 3x keys for this nonsens expensive shit

  • @manslayerdbzgt
    @manslayerdbzgt Рік тому

    Great so when iPhone 15 comes out and has USB-C instead of lightning cuz lightning crap poor it's only USB 2.0 speeds You're not going to be able to use that

    • @RogierYou
      @RogierYou Рік тому +3

      Use the NFC version

    • @DJ-Coma
      @DJ-Coma Рік тому +5

      The one with lightning is double sided with usb-c on the other end

    • @kricketman12
      @kricketman12 Рік тому

      My nfc stoped working what now

    • @duscuduscu
      @duscuduscu Рік тому +2

      login from any device with a web browser and remove the keys

  • @zoeydee7168
    @zoeydee7168 Рік тому +1

    I’m not thrilled about having to drag around a key when not home to get into secure accounts

    • @mattv5281
      @mattv5281 Рік тому +2

      I wish they made them in a smart card form factor that I could keep in my wallet

    • @NoSubstitute
      @NoSubstitute Рік тому +2

      @@mattv5281 you keep it in your keyring, or get a nano and keep it in your device always.

    • @everyhandletaken
      @everyhandletaken Рік тому

      Tie it to your shoelace & then you have an NFC foot 🦶

    • @00jmjl
      @00jmjl Рік тому +2

      @@NoSubstitutenot a good idea! If your device is stolen along with the plugged in key then its pointless to have Security Key enabled in the first place
      You’d always want to have it unplugged and separated from the device incase of it being stolen

    • @RobbieRobski
      @RobbieRobski Рік тому

      I have the 5c nfc, it's on my keychain which I generally always have with me. Not a horrible inconvenience for significantly stronger severely.