Bloody nightmare to set up. I have 3 keys, just bought a USB-C one for my Android, wish I hadn't. Now spent an hour trying to figure out how to register my Google account with it; go into my account settings but nothing about keys there. Maybe they don't like you using them?
The problem with backup codes is that they become the weakest link in the security chain. Being 8 digits, you get about 26.6 bits of entropy, which is dreadfully low.
Yes, it would make a lot more sense to have an encrypted RSA4096 key as a "backup code". But then soon we're going to have quantum computers capable of recounting all those keys. A battle of swords and shields, as they say :)
@@airatru Well, we are living in the now, and need to address the associated security issues that exist today; 8-digit codes are simply unacceptable and defeat the security of something like a hardware token. The quantum world is still many years away, and the availability of quantum computers to the masses will not be immediate, so there will be time to address that technology down the road.
Isn't taking a picture of any secret credentials (be it a recovery code or authentication QR code) defeating the purpose of using secure hardware authentication? As anyone who can obtain that image can now bypass 2FA. And since most viewers probably aren't tech savvy enough to realize the risk, they will probably just leave it on their phone.
Drop a like and comment if you enjoyed the video!
PS. Use this coupon to save an extra $5 on any Yubikey 5 Series: [YUBIKEY5]
Valid until 12/31/2022
Trying to buy a 5 series and I tried this code on the Yubico site and it didn't work. Is it no longer valid?
Hello thank you for the video I have a question! What if you don’t take a screenshot of the QR code? Will you be able to generate a new one with a different key? Also I have no idea what a thumb drive is? Could you please explain how to save your QR code onto there and encrypt it? Again thank you for all your hard work!!!
As a newcomer to physical 2FA options, this is one of the best videos I have seen to explain everything about setup, backups, and what the backup codes do. Great work!
I was searching for the last 24 hours for all the information about security keys and saw more than 100 videos, but was never satisfied by any of them; through your videos I got all my answers. You explained very well. You put in 100% effort and that clarified all our doubts in a single video. The point that I never thought anyone would think about, you answered that too; that shows how much effort you put into your videos. I wanted to write more appreciation about your work here, but let me skip all that.
By the way, a big thanks for educating us; you do a good job through your videos.
You’re most welcome. Thank you for the kind words! Means a lot.
Bro, should we also remove the backup phone number from the Google account? Because the hacker can also use the phone number as a backup.
Absolutely! It’ll be more secure if you only use security key & recovery codes as your login methods.
@@tariosultan Can the 8-number Google recovery code also be hacked?
@@summerbreeze5115 Depends how you store the backup codes.
For my fellow LastPass password manager users, you can enable a Yubikey to act as your master password and enable the "require re-entering master password for this site" option on a site-by-site basis in your LP password vault. So, you can still auto-fill your randomly generated passwords as usual, with the added security of a Yubikey.
Or if you're an IT admin you can integrate Yubikeys into Windows logon via Duo Security (another 2fa provider) integration into Active Directory. Great added security for laptops that frequently leave the office. Physical protection for single sign-on (SSO) ecosystems too (email, timeclocks, file servers, SharePoint, etc.).
May I ask how I can get into IT? Anywhere to start?
@@Kishin333 In my experience, certifications matter more than college degrees, and job experience more than certifications. You can learn pretty much anything online, but in-person classes at a local training center can get you real hands-on experience.
Or, you can always set up a testing lab at home. Find a couple of cheap used PCs and network them together. Take them from bare metal to a fully configured working environment. You'll learn a lot along the way just using Google-fu or trial and error.
Either way you decide to go, I wish you the best of luck! 👍
One of the best videos on UA-cam on Yubico Tutorial♥️👌🏼
Thank you! Appreciate the kind words, means a lot!
@@tariosultan means a lot brother👍🏼☺️
Why would you use the security key to run the OTP protocol? Reading the security key is so much faster.
The only reason I could understand doing this would be IF the service only supports OTP and not yubi. If you’re forced to use the OTP protocol I’m assuming using it with the security key as opposed to using an authenticator app?
One of the best guides out there! Thank you!
Great video. One question. What happens if our cell phone is stolen? We buy a new one, download the Yubico app and when we read the key, will I be able to access all my accounts again? Thanks!
Hi Tario,
thanks for the tutorial. You show how to set up the yubikey but have you made a video showing how it's used daily? How it enables to login to many sites without the hassle of phone / SMS codes, email codes, etc... I think the idea behind the yubikey is improved security but also to save tons of time by being far more convenient for the user to just tap on his key or even doing nothing but just have it plugged or being read by NFC.
Security and convenience are two things that don't get along too much; choose your preferences.
Thanks for keeping it simple. Appreciate you didn't say just "Click here, then click this and click that button to finish"
thumb drive last resort tip is very smart. thank you for putting this tutorial together.
Curious question. Many laptops come with smart card readers. Do smart cards function exactly the same way or is it different? My guess is if it was different, that difference would be that it might've been designed for local hardware/OS security back when this wasn't nearly as much of a threat as it is today. This Yubikey appears to have online account security in mind and ultimately succeeds in what Microsoft failed to with TPMs. TPMs have nothing to do with Google accounts, which throws off the need for it.
Jesus man you answered all of my questions and you explain the topic so well you have a new sub(:
Question: can we plug the device into an EXTENDED port versus right into the computer?
With the NFC demo starting at 14:35, I don't see you pushing the button. I thought that might be how it couldn't just be used by a very nearby hacker. Is it that it MUST be touching your phone? And further perhaps also detecting that the device is being touched/held to the phone?
Thanks for the video, and addressing the concern I'd long had of a key being a single point of failure. Wasn't aware of the support by apps for multiples, and of even using the same QR reg code for each.
Tario...this video is great...BUT, I just got a yubikey 5 nfc and I don't understand how to set up the key for initial use right out of the box??? I put the key in the usb and nothing...there must be some software or something for setting it up for the FIRST time??? I'm using Windows 11 desktop and laptop computers and also an iPhone. Maybe a video on how to START...???
Great info. Questions: do you need to set up (2) yubikey 5C NFC & yubikey 5 NFC + a yubikey authenticator for my iphone, ipadpro, laptop and PC? Next - do you need to keep one yubikey with you at all times and the other in another secret place??
Great video! Congrats!
Great video, Thank you.
Do you have a video showing how to use yubico Desktop authenticator? How does that desktop work? Thank you.
Is setting up an NFC key for iPhone different from a nano key? Can I set up all keys on the Mac and then use the 5 series NFC on the phone?
Yes you can. For example, I use nano on my mac then 5 series on my phone (NFC)
Hi, thanks for this great review. Is there a limit in the number of accounts i.e. Gmail, Microsoft account etc. that you can setup with the same Yubikey?
This is from their FAQ page:
the YubiKey 5 can hold up to 25 resident keys in its FIDO2 application.
@@tariosultan thank you 👍
Is it possible to add the three keys when you register just one? I would like to store one off-site, in a vault or at my family's place for example. Having all three keys at the same place to register them each time seems to defeat the point of having multiple keys for safety, as all can get lost at the same time in a fire?
Thank you....for this video...I loved the way you walked me through the whole process...you made it so easy for me....❤👌
So glad to hear that, much appreciated!
Love the way you are answering to almost everything that should be answered.
perfect demo, thanks!
Do you have to keep the key plugged in for the entire session or just for authentication? I'm assuming the latter?
Only used to authenticate. Once in you can remove the key.
That’s right. Just for authentication. But I do have a 5C nano plugged in 24/7, so I don’t have to keep inserting yubikey when I need it.
1. He talks about the Google account *only*? Must a user go through this process for every single website account on which one is registered?
2. What if I use a PC and an ipad equally?
You can use it on both. Yes.
Not google account only. Any platform supports security key or 2FA.
It doesn’t matter if you’re on PC or iPad. As long as you have the right port.
Excellent info!
This is helpful. I have a recurring problem: from time to time when I insert yubikey, it says no credentials...like it doesn't read the key. Any guess?
Bro, which is the video you did on how to use yubikey for cryptocurrencies?
fantastic tutorial. Thank you!
Is the NFC safe, like, if you go through this much to secure everything, can someone scan your key somehow? Of course this will probably never happen but is it possible?
Great video! What software did you use to make it? Also going to use your link after work to buy an NFC version :)
Great video! Thanks very much!
Why add 2FA via Yubikey when you already have access by physical Yubikey? Sounds like a redundant method?
Another question: how often do you have to touch the sensor? Once after system boot or for every login attempt to any app?
The reason I add 2FA: in case you can't insert the Yubikey with the device you use, then 2FA is a quick way to still log in to accounts.
When you set up the key, you have the option to touch the sensor every time or not touch it at all (as long as it's inserted).
Do you have a link for the Lightning connector adapter?
What is safer? Using the security key or using the app and authenticator? If you use only the first option, can someone still hack your account with the password? Or does the security key take the place of the password?
Can I use the same yubikey on multiple accounts from the same company? 2 Google accounts, 2 Microsoft accounts, etc.
Will there be an issue if I secure my Google account by setting up BOTH the Yubikey security key and also the Yubico authenticator app. Will there be a conflict? Or perhaps the opposite --- is there any advantage to setting up both? Thanks for the help.
Not at all! That’s what I do as well!
In case sometimes you can’t insert the yubikey into the device, you can use the Authenticator app in that case.
Hey guess what. Yubi was side-channel cracked just recently and can now be duplicated with physical access. I think it impacts most of the keys sold to date.
Love how the Heartstone pop up :)
Can you add one key to multiple apps? Like Google and other apps on one key or you can do one app one key
Nope, one key can handle a lot of apps!
@@tariosultan Thank you :)
Hi, sorry, but I can’t use my yubikey 5C NFC on my iPhone because I don’t have a USB-C port. Please tell me where to buy a USB-C port. Thank you.
You don't need USB-C port, you use the app, swipe down and scan the yubikey with NFC
Great tutorial. Thank you🙏❤️
Most welcome
Nice video for a beginner, but too high level to actually use it. Also explaining why the yubico authentication app is better would have been helpful.
Must you always set a recovery key for the manager app?
On a Ledger Nano S you have to generate your own private and public keys; others may have had access to the original keys. Is this not so with these yubikeys too? How should it be set up for first time use? How do you ensure keys are unique and known only to device and you?
Hi Tario, good video thank you. I am trying to install my yubikey but I am quite confused. Everyone is doing videos on how to secure a google account or Facebook, but what about "real" stuff like online banking apps etc? Would the specific bank need to allow for the key to be used? Or is it possible to secure a browser (eg Brave?) in a way that every password protected login to a site triggers a yubikey requirement? I have seen that Brave is in the applications that work with yubikey but that was about the only information I could find. What does it actually do on a browser? Hope these questions make any sense at all. Thank you!
Hi Kath, long story short, at the moment I don’t think you can use yubikey with banks. I’m sure there will be something similar within the next few years. Also, some browsers support yubikey so you can actually connect the device with your browser. Hope this helps.
@@tariosultan Thanks Tario. I have seen that Brave browser supports yubikey but have not found help on how to actually connect the two. And then what to use it for. Is it for passwords stored by the browser? If you know of anyone who made a video on this I would love to know. Thanks !
@@tariosultan I believe there may be a way by using a password manager as an intermediary. For example, I use LastPass which allows the use of physical keys in place of typing the master password. The only caveat is that you would need to enable the "always require master password" option instead of "keep me logged in", so it may become a hassle for auto-filling other sites.
Edit: Looks like LastPass has a per-site option to require master password re-entering. So, maybe that could de-hassle-ify things a bit?
@@kathelementalbodywork4349 I think it'd be just for protecting your Brave account.
Very helpful video, thanks. Just a shame the screen examples are so blurred and small.
which screen examples are you referring to?
We need 2 compulsory keys for iphone ? As in setup page it shows enter 1st key and then insert 2nd additional key .. can i buy only one .. is it sufficient to work fine ?
Hi, how many platform accounts can I store in one yubico security key? (google account, facebook, and Microsoft)
Good work dude!
Excellent. Thank you.
Hi
Please, why do we need the yubico authenticator app if we already have set up the hardware yubikey with fingerprint?
Thank you
I don't think the poster reads comments, let alone answers questions. I'm still waiting for a reply.
Can you set up a YubiKey and a generic one at the same time?
I think so.
Hey Tario, I have an aging parent that seems to be forgetting his passwords - spent two hours with him resetting passwords last week but I live 2K miles away from him so it was a bit challenging. Thinking maybe a physical device might be the answer where Dad only has to tap a device, but maybe YubiKey is a bit too complicated for him - what are your thoughts or suggestions for a situation like this?
Here is the perfect solution:
ua-cam.com/video/-qouvOMAPYQ/v-deo.html
It’s free, just need to install the app and extension on their devices.
All they need to remember is the master password.
I suspect that *in use* (= once set up) it would be easy for him. So we're back to the 2K distance. Is there someone where he lives that you know and trust that would be prepared to set up the key **** on a once-only basis **** ?
@@MikeWal2 I do remote tech support and have a client that kind of fits OP's description. He often goes to a guy at his cell provider store for support (like stuff that I can't really do remotely). Or if it's an iPhone/Macbook, _maybe_ the Apple Store would be willing to assist.
thank you for the explanations...........
You are so professional, the best guide, thanks for all
I appreciate that!
I have 2 desktop computers, 1 laptop computer and multiple iPhones; the iPhones are all cloned to each other. If I get 5 yubikeys, can I link them all together so they will all work together as one? Do you have a video to explain how to do that?
Add all your keys on all devices. This way no matter which key you plug in, it will work.
For how many accounts can we use a single key?
Bro, where do I get the adapters for the yubikey 5 like in your video?
why is there another video blocking your explanation at appx 12:30 of the video?
Please make a video of how to make a back up
It’s mentioned around 6:25
You may want to revisit this video. Yubico on Mac OS Ventura does not appear to support desktop Apps any more
I’m not sure what you’re referring to. I’m on Ventura, works totally fine.
@@tariosultan Sorry I meant with Bitwarden on Ventura
I have no issue with Ventura + Bitwarden setup.
Can one yubico be set for two or more google accounts?
Absolutely
I have a question. I want to go passwordless on outlook 365, personal account. How can I do this without the MS authenticator app? I just want to use my key ONLY to login, otherwise what's the point of the security? How do you accomplish this?
Thank you for an excellent tutorial that saved me from throwing this little thing out. Yubikey is no help in telling you how to set these things up
Glad it helped!
Thanks!
You’re very welcome
USB to micro-USB adapter for smartphone: can I use this key on a Galaxy S20?
Use NFC version, just scan it with your Galaxy s20.
Could this device be in fact a hacking device? Say, some special China edition? I tap yes on my phone when I log in, so why do I need one more device?
Your video is good. Very easy to understand. I would like someone to make a video about setting up the key manager. This would be very helpful.
I can't manage to delete my mobile number from Google after setting up the Yubikey. So I can't even remove the weakest link.
As long as you have more than one 2FA, normally you can remove the other ones.
You probably have to wait after last change.
They should make a silicon ring with NFC feature so you can just wear it wherever you go.
Excellent video with great information. Thank you very much!
Thanks for the nice review!
Is it possible to use the yubikey completely instead of the regular password? What’s the point of the regular password if we use physical keys? My desire is to get rid of any friction for login and just use the key.
Tell me if I’m dreaming or not 🙏🏻😄
Brother, a question: I'm seeing many channels being hacked by stealing browser cookies. With this they manage to impersonate you without having to steal your passwords... Would the yubikey be effective in those cases where cookies are stolen? Or will they manage to get access without permission of the key?
How is this better than getting the OTP code through text?
What if my key is lost or broken?
That’s why you always need a 2nd one as a backup.
My YubiKey is not working. Do I need to set it up?
Why would this key be more secure than my authenticator app on my phone?
My channel was hacked two days ago, and when I tried to recover Gmail, the hacker had already protected himself with a security key. I don't know how the hacker passed two-step authentication, but I got a pretty big lesson to use a security key and not put my faith in my phone number.
Thanks for your explanation
I noticed a lot of these cases they immediately apply their own security key.
I’d recommend removing phone verification, etc. (they could port your number) and leaving only the security key, 2FA and backup codes.
Stay safe my friend.
Hello
How do you encrypt your QR code?
You save the screenshot of it and put it on a thumb / removable drive / or maybe an S3 bucket in AWS and then encrypt the content of the drive. S3 buckets in Amazon are already encrypted.
Great video; but you left out one thing: HOW THE H3LL DO YOU REGISTER THE F-EN KEY!!!!!!!!!!!!!
Starts at 1:40
TY, super informational, Tario. It's time to join 21st century and I'm learning all I can before I commit to 2FA and Yubikey.
On another note, easy on the voice deepener plugin; my house is literally shaking when you speak lol
There is a thin line between sounding like a man and like Darth Vader.
Hi- new to your channel here and very grateful to learn more about this topic. This may be a dumb question...I don't know much about tech or security. But, one thing I am concerned about with Yubikeys is the NFC. I don't know what NFC is or what its security is like. Do you think that a Yubikey without NFC is more secure than with the NFC? tyia
That's a pretty technical question. I'd try sending Yubico a support email and see what their take is on this topic.
Based on my personal experience using Yubikey, when you use NFC, I need to type the password THEN it will show me the list of 2FA codes, so a random person can't use my Yubikey (NFC) unless he has the PW.
Bloody nightmare to set up. I have 3 keys, just bought a USB-C one for my Android, wish I hadn't now. Spent an hour trying to figure out how to register my Google account with it; go into my account settings but nothing about keys there. Maybe they don't like you using them?
Your video shows FIDO but not FIDO2.
Why don't they have USB-A/USB-C in the same key lol I have a desktop PC and a mobile phone that doesn't support NFC :(
Can this be used with a locked down work PC? Doubt it
You can lock the entire system on Mac, haven't tried PC yet.
My YubiKey 5 NFC is not working. Why?
The problem with backup codes is that they become the weakest link in the security chain. Being 8 digits, you get about 26.6 bits of entropy, which is dreadfully low.
That's why there's so many of them.
@mystrdat huh??
Yes, it would make a lot more sense to have an encrypted RSA4096 key as a "backup code". But then soon we are going to have quantum computers capable of recounting all those keys. A battle of swords and shields as they say :)
@airatru Well, we are living in the now, and need to address the associated security issues that exist today; 8-digit codes are simply unacceptable and defeat the security of something like a hardware token. The quantum world is still many years away, and the availability of quantum computers to the masses will not be immediate, so there will be time to address that technology down the road.
Thank you for skipping the part where you scan the QR code, since that's what I've been trying to find for the last two hours!
Isn't taking a picture of any secret credentials (be it a recovery code or authentication QR code) defeating the purpose of using secure hardware authentication? As anyone who can obtain that image can now bypass 2FA. And since most viewers probably aren't tech savvy enough to realize the risk, they will probably just leave it on their phone.
Strange that no bank app has the ability to use this key.
Be very careful not to accidentally bend and break off the yubikey while it is sticking out of your computer's USB port.
How about a wild idea: USE AN ANDROID DEVICE WHEN TALKING ABOUT ANDROID DEVICES
I have 2 keys, but not every business is using technology
create self proprietary yubikey called dju dju ha
Why is this better than “sign in with Apple ID?”