If YubiKey is the default 2FA method... is it advisable to have other methods like "Google prompts" also enabled (Or does that negate/undermine the purpose of the Yubikey)?
The price of that key is just ridiculously high, if you take 2 you will lose €150,- euro €15,- would be a reasonable price. then they say that it will last 30 years, but the usb input that also changes every once in a while and they can probably make those things for a €1, if we wait a few more years, I think there will be several brands or systems on the market, think that now only people who are willing to pay the price for it who have cripto or other valuable things online and if the rest don't come to purchase they will automatically become cheaper, for this price I just feel for me as a ripped off, I already had seen one other brand just for €13,20 but was sold out now for the moment, I think I it say it was a 2FA key
Excellent presentation. At first I was confused about the backup key. In the IT industry a backup implies a copy, a duplicate of such as a file or the contents of a hard drive. But I eventually learned that in the case of a security key, a backup is not a copy, a duplicate, of the first key. A backup is a second key independent of the first key. It took me a bit to unravel how the backup term was used so differently in the context of security keys.
I have been looking for a way to use my key for a while. You're the first person who has been able to explain how to utilize it correctly, and most importantly, easily.
Finally!!! Someone who know how to explain the actual Yubico app. I went through 17 videos before I found yours. Thank you so much for clearly explaining how this all works.
Unsubscribing. This has ‘Yubico promotion channel’ all over it. Hilarious. Next video’s maybe have a second corpse play the dumbo with moron questions and comments. Shopping channel vibe. 😂
Thank you for your work on our security. As a man who teaches security, I am not finding a video on what I consider to be a core threat to a person's security, "MySpy" and other embedded spay software that may or is installed on peoples phones and computers. It is well understood and highly used by those "actors" who use them, the public is oblivious. To me, if you are talking security, this a a MUST presentation: 1) to create the awareness of what Spy software is. 2) How spy software works, is installed and can track you, intimately. 3) A. How to combat it? B. How to not allow it to be installed on your tech (iPhone / Laptop) C. How to detect it (very hard to do) D. How to get rid of it (regardless if you know you have it.) To me, this is a fundamental to any website / TH-cam channel focussing on security. Maybe you already have a video on this topic, is so, I did not find it and I apologize. If you do not have this video, this is a MUST video and to me, number ONE for anybody taking iPhone / Laptop and Internet security. A MUST!!!
It is really cool and secure but... only bad side is: Holds only 32 TOTP entries. So if you have more that 32 you better off using Authy or Bitwarden premium TOTP to store non important TOTPs and keep the important ones on your ubikey. I learned the hard way :/
I am yet to start using these keys. I am waiting for 2 keys from Yubico, a Yubi 5 NFC and a 5C NFC. From watching a few videos while waiting delivery it looks like it will be a steep learning curve.
This is a great and informative post. Thank you for posting this, I don't have a physical key, however you really have sold the benefits and I believe I'll definitely be getting one.
Great to hear! Like I said, there are free ways to do 2FA, so I would only use the key if it fits in your budget. But I love using the key over the authenticator app.
@@AllThingsSecured The apps are what I currently use and they have their place, however you really demystified 2FA in terms of physical devices and that's definitely the way I'd like to go. Thank you very much
Ok, maybe I'm missing something here. I'm an 80 year old grumpy old man. I'm computer literate but having a hard time wrapping my head around this. I understand that I can use the same key on multiple computers but what happens if I lose my key and someone finds it and plugs it into their computer....can they gain access to my accounts? I'm more paranoid now than ever. A TH-camr I watch has had his youtube site hacked twice in less than a month. I have a lot of accounts and it looks really time consuming to do this and then have to do it twice for a backup key....HELP>...lol
They would also need your password or biometrics, thats what is meant by "2 factor", someone needs 2 things to sign in. Something you have: 2fa key/authenticator Something you know: a password Something you are: face/fingerprints
Wife just got sent some of these from her work and I hadn't seen them before. Suspected they were something like this but thank you for the informative video
Not yet, but I believe they will eventually. And while most banks don’t support security keys, many other financial and investment services outside of crypto definitely do.
Great content, as always! Just a quick off-topic question: I have a SafePal wallet with USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). How can I transfer them to Binance?
I've just bought two of the type A Security Key NFC ones. The 5 series is more than twice the price in the UK. I'll stick to using a free authenticator app for that additional functionality. It's a pity they don't have a version with type A on one end, and type C on the other. Only two of the machines I use have type C. In hindsight, I should maybe have got the type C for future proofing, and used adaptors left plugged in to the devices, but I didn't think of that. It's better to phase out the need for adaptors over time, as type C takes over, rather than increase the need to use them.
I have a yubi key but I can only use it with Google and Microsoft for now. My brokerages, banks, medical site do not support it...yet. It a good idea but it is too early now.
Thanks for the information, just purchased me 4 of those. Can you please let me know if I setup the yubikey as my authentication should I remove all other 2FA options? Let’s say remove the sms option? I’ll be glad to know. Thanks 🙏 again
you did not go into how the device/keys READS the QR code on the screen if you're using a MAC. that is not clear. also not clear is do you set up the account on the Yubi website PRIOR to inserting your key and touching it. what's first, second, third steps in the set up? thanks.
First I've watched each of your "ditch Google Authenticator" and yubikey series at least once. I just wonderedd if you happend to know / recommed a NFC reader addon for Windows laptops. Plugin and removing that USB connector over and over could really wear down the gizmo in a rather short time. Thank you and keep up adding more excellent videos.
Excellent analysis, thanks! 👌 Just a small off-topic question: 😅 I found these words 😅. (behave today finger ski upon boy assault summer exhaust beauty stereo over). How do I use this? 🤨
I bought three yubikey 5c. One for me, one for my wife and one for backup. How do I setup the Yubikeys for my wife and I to use on joint accounts. And then can each of us use the UB key that we carry for individual things that we don't share with each other
What do you do with your backup key when you go on long trips? Leave it at home and you risk being locked out of your accounts until you get back. Take it with you and you risk having it lost or stolen. I think I would leave it at home and setup a good (temporary?) TOTP app. It would be a pain in the rear end to do that for every account, so TOTP would probably be permanent. So, no security advantage over TOTP. However, unlocking with Yubikey might be a lot more convenient than having to unlock your TOTP app all the time.
I cant seem to get passkeys off my computer and I can't use it. I must of clicked on it somewhere and now it pops up when I try to log into different sites. How do I get rid of it? I"ve tried all the basic logical things one can do.
Am I the only one that questions using a security feature which has 0 security controls? NFC has no security in it at all, so how do these prove they are still secure?
Great video, thanks. Can you tell me if I use a YubiKey to secure my Apple account and plan to use the Apple Password account -- (1) will I need to use the key to open the Passwords app, and (2) will I need to use the key every time the app pops-up to fill-in a password
I personally don't use Multi Device because it increases the attack surface area in two ways. 1 - Being in another server and has to sync once in a while, 2 - That's another device they can hack
Your explanations are very helpful. Question - I set up my 2 Yubikeys for a financial account on my Windows computer. Windows Security needs a password, which I input. It just popped up when I was setting up my first hardware key. Nowhere do I see a mention of Windows Security (in any videos!). If I use the Yubikey Authenticator, will the Windows Security not be needed? Did Windows Security pop up because I don't have the Yubikey Authenticator app on my computer? Thanks!
Hello, great content, thanks for sharing your knowledge. I have an iPhone, iPad and iMac. Would you suggest nothing types of keys (plug in and NFC)? 7:22
Informative video, my yubi keys literally just shipped today. I purchased a 2 pack of the NFC 5, I got the USB A style so I can use it with my PC. I am hoping I can set it up on my phone which is USB C since I won't physically be able to plug it in....hmmm
Yubikey 2FA is a great idea, but since Microsoft dropped support for signing into Windows it is pretty limited, also it is hardly cheap, especially as you really need two for backup. When the Yubikey is supported it also has to made the only way of signing in, what would be the point of Yubikey if you could bypass it by signing in using an alternative method. Finally it is very personal and you need your Yubikey with you, that could be very frustrating if you find yourself out and about, needling access, but with no key.
I think that is why it deserves the name "key". You don't leave your home without having the door key with you, do you? And you probably gave someone trustworthy a second key, in case you do forget it. That's because if it should be secure, it must be hard to circumvent.
Thanks for sharing such valuable information! Could you help me with something unrelated: My OKX wallet holds some USDT, and I have the seed phrase. (air carpet target dish off jeans toilet sweet piano spoil fruit essay). What's the best way to send them to Binance?
I wish more financial companies, banks would offer support for 2FA keys. Right now only a few do so. And some out of those, won't even allow you to disable SMS option, bummer.
Another great video. I've just received my Yubikey 5 on the basis of your brilliant tutorial. I want to ask, would it be possible to have a video to show how to remove a key should you lose it. I'm sure its pretty easy. Many thanks.
I just got my first Yubikey the other day and I did a bunch of reading so I may not be an expert, but they stressed that you should get two keys 'cuz if you lose one, you'll never get into those accounts again. They even recommend that you put the 2nd key somewhere offsite and preferably in a fireproof box/safe.
Thanks for clearing up many of the questions I had about yubikeys. I am still conferred about a few things. 1. Fingerprint locks are secure, hard to replicate keys that you always have and are hard to lose. Yubikeys just seem like another physical key that can be targetted to be stolen from you to gain access. So why are yubikeys better than fingerprint locks? 2. What are the best storage practices for the physical yubikeys? Certainly not along with you car and house keys, but not as a seperate key in the pocket which may fall off. Probably as a chain around the neck? 3. Can yubikey be used as a way to secure individual documents/folders from changes by others?
NOPE you are wrong. Your fingerprint must be stored somewhere and they collect people FP to map your identity with phone or other devices in your vicinity. Same is with this covid 19 scam to colect and map people DNA caractheristic.
would make sense, but sadly.. most of the applications will save logged session info inside cookies for weeks or months.. so, if a link, email or opening the wrong file can grab those cookies, it doesn't matter what security you have, they will get access to your account and be able to do lots of damage... no matter how many keys, OTPs or auth you have..
Hi - great video. I just purchased two keys. 1 primary and a backup. I have just registered my primary key using Yubikey Manager. Do I also set up the backup key, which will probably generate a different 48 digit Management code. Do I then add the two keys as 2 factory authentication onto the service available, like 1 Password? Just a little confused on how to set up 2 keys on Yubikey Manager. Any help appreciated. Thanks
While these are great, there are ways around these. It starts with simple malware that waits for you to login to a site, then sends your site token to the thief. Then they use that token that is valid to impersonate you, giving them control.
Question, A Yubikey must contain some sort of software... is there any open source software that works in a similar way that you could..for example install onto a drive dongle ? Be interesting if you could make your own key.
I am confused. Do you need a different key for every gmail account, and youtube account? Also do you need a different key for each computer you have, or can one key be used on multiple computers?
I will try to answer. But I am not 100% certain of my answers. I think that I understand the process. But I never used the Yubikey. Hence, my not being 100% certain. When you use the Yubikey to log in to web sites, you are telling those web sites that your password consists of 1) what you typed in to create the account, and 2) some data that is stored on the Yubikey flash drive. So just as you can use the same password on multiple sites, I am nearly positive that you can use the same Yubikey for multiple web sites. When our host stated that he has a backup Yubikey, I believe that that means that he has two flash drives (two Yubikeys) that are both registered with his web sites. Therefore, he can use either of his Yubikeys. The web sites probably do not care which one he plugs in. Either one should work, because our host registered both of them with the web sites. As to you question about needing a different key for each computer: My guess (and I am pretty sure about this) is that you can use your Yubikey on as many computers as you choose (just as using the same password on as many computers as you choose). I highly doubt that when you use your Yubikey on one computer, that some record is made to disallow you using your Yubikey elsewhere. And whether you use a Yubikey, or you do not use a Yubikey, you should never use the same password on more than one site. Although, for people that will still use the same password on multiple sites, then the Yubikey will make their account less vulnerable (I think). Maybe our host will confirm the above, and point out if I got something wrong. Lastly, if someone has physical access to your computer, then nothing (short of full system-wide disk encryption) will keep out a skilled attacker from gaining access. There are free tools that can be installed on a bootable flash drive that will defeat all login measures. Cheers!
@@NoEgg4u Wow, thank you for that detailed description. I have been searching for a long time and getting no answers from anyone, including this host. So I thank you again. It all made sense what you provided! 🥰
You don’t need a new key for every account and device. The same key can be used for all your accounts and devices at the same time, and I recommend you also have one extra backup key for all those same accounts and devices.
I don't get the point of the "only ask for a physical key every X weeks" feature. If you don't need it for every single login, doesn't that defeat the purpose of 2FA?
Can you make a video regarding what the best routers for privacy are? I was thinking about buying a Nest WiFi but I saw that it has the Google Assistant and I don't want to risk being listened to. Thanks.
Not sure why…but iPhone when 2fa is activated with security keys will still allow you to change your iCloud password word using a trusted device, IE, faceid or passcode, but still doesn’t require the YubiKey to verify? What’s the point if someone has your passcode and youre trusted device?
Can you explain the maximum number of login 2FAs on a single key? Is it possible to use the basic FIDO or other method on some sites and get more access on a single key? Is this practical or not? Thanks for your videos.
Thanks by your video!!! Very good material Which adapter to USB C to USB A did you use on the video? Do you think I could use any kind of adapter on Yubikey? I am Brazilian and Yubikeys are very expensive here.. so I would choose only one to use in several devices another question: So far I read about use Yubikey NFC with Ipad but it seems that NFC does not work. It seems that I HAVE to buy an Yubikey 5Ci to use lightning . Is that correct ?
Josh! I know you have receive a whole bunch of questions and comments, and you probably won't get to mine, but I'm going to ask you in hopes you can help me out... I watched one of your videos, and you recommend having a 'data blocker' like a USB to USB for a public power source. There are so many out there, so which brand would you recommend? How do I know which one I can trust?
Hey Sam! USB data blockers are a pretty simple and cheap piece of equipment. There’s not a specific brand I recommend (although I do have an affiliate link in one of my other videos). Just search “USB data blocker” on Amazon and choose one that is the equivalent of ~$8-10. I hope that helps!
@@AllThingsSecured Yes, that does help. Thank you for getting back to me! Keep up that great work, sir. Your information is vital in the world we are moving in today.
I feel like a 10 year old trying to operate a dial phone (whats the cord for?)... So authenticator app Must be open and running? before the authenticator part will function. so there is that to remember. Each Key individually & each site individually for set up, = one time hassle to be secure. Then after the key is set up, then add the authenticator, and where do the password managers start? what I know so far is my passwords are in my system and in my browser, but they should not be.
hi great vid i have desk top with windows 10 my sis has desk top windows 11 my mobile is old i5s that i use for 2 step verification so whats best yubikey 5 or 5 nfc
I'm extremely new with this Yubikey device. My crypto app Newton, on my android phone now requires me to use this for security.. I only want to use it for the Newton app for now. Can you do a video for how to set it up, or refer me to a video that does ? thanks
Hi Josh, 1st I'm relatively new to your channel, and I'd like to thank you for taking the time to upload a text file for your videos. This allow a multilingual household to watch this with excellent subtitle language options. 2nd, I've listened to this video twice. It's very good, and I'm quite close to buying one of the Yubikeys you presented, however have an important question. How many google or gmail accounts can I pair with one yubikey? I heard you say that your wife has you covered on her keys, and you do the same for her, and this makes sense, however do you know what the limit is for one key? If you already have a video covering this, please send the link in your response, and I'll watch it. Your language functionality is very much appreciated! Thanks for your help
Thanks, Pedro. I don't believe there is a limit to the number of accounts you can use with one key, although the number of keys you can use with one account is limited by the online account (i.e. Google). So glad the captions are put to good use! I'll keep having them transcribed.
In an effort to strengthen the security of my online accounts, I enable 2FA using my phone number to get the key via SMS (no a security hardware key) and when TMobile got hacked, all my accounts got compromised because the hackers reset my passwords and they were getting a copy of my SMS.
When I put my key into my computer, ever menu I clicked on asked questions about me setting up every options. So I guess I'm looking for a video for once u plug in, how to setup every options before logging into anything. Hope that makes sense.
The Older versions of the Google authenticator app does not contain and export feature? I will more than likely just have to use my old phone long into any accounts and disable and re add the app to the new phone.
Why do google need to see the make and model of the key? Is there any way to bypass this on Windows? My friend on Linux could just select "no" and still get the key working.
Can someone please explain concept here. Is that right that at the same time I can use this flash drive(call it like that for simplicity): 1 - to act as security key for my accounts(those who allow it). 2- to act as standalone authenticator? With both of those features i could use unlimited number of accounts as well as unlimited number of accounts for authenticator codes?
My Windows and Mac computers both ask me for a PIN before I use my Yubikey. So I am enter username, password, interting Yubikey, then the PIN then touching then Yubikey... It's way too many steps. What am I missing as this seems to me to be too many steps...
I'm still unclear on why hardware security keys are dramatically better than TOTP (especially TOTP implemented well). The way I see it, here are the weaknesses of TOTP relative to a Yubikey: 1. Depends solely on user education/vigilance to guard against phishing/MITM attacks. 2. A phone is more likely to be compromised than a Yubikey. 3. If for some reason a service provider isn't storing TOTP seeds securely, that's obviously a failure point. However: Stuff gets lost, including the stuff we try to be careful with, and often in circumstances where identity can be inferred (eg losing yubikey and wallet at the same time at the airport. Then, imagine you also lost your laptop somehow, which has your passwords decrypted in memory because you have a 64-character master password so you were lazy just this once and didn't lock it). With a TOTP app like Aegis, that final factor will remain secure because the TOTP seeds are AES-256-GCM encrypted and can only be decrypted with a strong password (not the phone PIN) or biometrics. The encrypted seeds can be securely backed up. I get that there are pros and cons, but could you help me understand why everyone seems to think that hardware keys are unequivocally, beyond-debate better? (Let's leave the Yubikey Bio out for now...)
I don't think people say hardware security keys are better, what they say is that they're more secure. Like you said, this comes down to "user education/vigilance" which is a HUGE problem. Just look into any recent hack, it always comes down to that. There is no way to phish a hardware security key meanwhile it's pretty easy to phish any of the code based options, so the former is inherently more secure.
What happens if you lose ALL your physical Yubi keys... it there a backup way to get back into your accounts or even get a replacement key? I suppose if there was it would defeat the purpose but the risk of being permanently locked out is definitely a problem.
You’re exactly right, Paul. Most accounts give you backup codes that you can print out and keep in a safe if you want. The bottom line is this: when you’re responsible for your own security, you need to be careful!
Great video. I have a few questions: 1. Am I correct in my understanding that Yubikey will work on every website that uses 2FA? In other words, any site that isn’t setup to use a security key, can use the Yubikey authenticator app instead of the key? 2. How will I know BEFORE I try to login if I need to use the Yubikey authenticator app, or my Yubikey without using the Yubikey authenticator app? 3. You mention using Yubikey and 2FA when logging into websites. Is the process the same when logging into an IOS or a Windows app? Thanks Thanks
1. True, it works on every website that offers 2FAs, and you can use Yubikey authenticator app instead of the key when the site doesn't offer the physical keys as 2FAs methods. Yubikey/ Yubico Authenticator app has the same functionality as google authenticator, Authy, etc,.. but it stores in the key, which is more secure than those google and Authy. 2. It depends on which method you set up as the 2FAs options. If you set up with Yubikey, the site will ask you to provide Yubikey. Likewise, if you set up with the authenticator app, the site will ask you for the 2FAs code that the yubikey/ yubico authenticator will provide. If you set up both methods as the 2FAs in the particular site, the site should ask you to make the choice between the physical key and the authenticator app. 3. The process is the same as using in ios, android, windows, mac or linux if you set up with the yubikey/ yubico authenticator app. For the physical key option, I find that some ios/ android app doesn't accept it, which means you can authenticate only with the authenticator app. For example, Proton Mail iOS app.
Thank you for a very helpful video. If you would just clear up one thing: can I set up my Yubikey authentication for sites that I access using my computer and use the same Yubikey plugged into my phone to receive the authentification code on my phone and then enter it physically on the computer. I like the idea of placing an air gap between the computer where I am doing the business and a phone where I can receive the code.
Hi. Thank you for your video. It is very informative. I am a big advocate of privacy and security. One of the questions I have is does the key allow for access only via a password. My concern with the key is that if it is obtained, it could be used to open accounts or log into websites. I am personally not a fan of biometrics (fingerprint scan or facial recognition) because neither are protected under the first or fourth amendments. A simple password is however protected under the first amendment and a person cannot be compelled to provide that information by a law enforcement agency.
Hey Gregg, the 2FA key can’t be used in place of the password - it is a *second* form of identification, so even if somebody stole your key, they would still need to know your initial password to get in. Does that answer your question?
@@AllThingsSecured Hi Josh, Thanks for your content, you're the first guy I watched who really explained YubiKey in an easy to understand manner and I've finally gotten to assigning my 3 NFC 5 YubiKey's. Q: Is it possible as a last backup to print the QR code (Yubico, Google Authenticator or both) and keep it in a security lock box? In case my keys get lost, or I pass on, and have the QR codes attached to my will and last rites?
addin security key in yobico does not appear in fide2 even when i put the pin to see the account only can appear in authenticator but i did registered as security key but can not see the details any idea ?
Yea I’m still a little confused about how to use the back up key if it’s separate setup.. are both keys set up identical passwords ? Any info is appreciated and great job on the video. Best one of 5-6 I’ve watched .
@@jerrysanders9101 - The setup is the same (not different as he mentioned). As far as the backup key, the site doesn't know if you are using a backup key(s) or not. It just checks its database. If the key you inserted is in the list then you gain access to your account.
Do you know if consumers can use the 5C FIPS series keys? I'm wondering if the regular 5 NFC series differs from the 5 FIPS series other than the added level of security on the FIPS. I ask because I'm wondering if let's say you want to secure your gmail account with the regular 5 series, can you also do it with the 5 FIPS series? Or are most accounts the average user utilizes only compatible with the regular 5 series and not the FIPS series? If I can still use the FIPS series that has government level 3 encryption vs. the regular 5 series, which only has level 1 encryption, than I'd rather just make the investment and pay slightly more for the FIPS version and get added security but I'm not sure if it's ONLY for government use or can regular consumers use it to and for the most part it would still function like the regular 5 series but with the added protection? Thanks for making your content, it's valuable in today's digital world 👍❗
Need to download Yubi app just to read the codes???? Does this depends on the type of Yubi key being used???? I saw some tutorials wherein they don't use Yubi app just to read the codes.
I am having trouble using my Yubikey and Google account on my Android phone. When it asks for key I hold it on the back via NFC but then it gives me some options to 'open with'. What do I choose as it won't allow my account any further?
Do you use a 2FA key for your logins? Let me know in the comments below! Grab your own Yubikeys here: geni.us/yubico-store
when i put the code , it's said invalid. :(
Trying to setup a backup key on coinbase. I got the 1st one hooked up but the backup doesn't seem to want to Hook up.
If YubiKey is the default 2FA method... is it advisable to have other methods like "Google prompts" also enabled (Or does that negate/undermine the purpose of the Yubikey)?
The price of that key is just ridiculously high, if you take 2 you will lose €150,- euro €15,- would be a reasonable price. then they say that it will last 30 years, but the usb input that also changes every once in a while and they can probably make those things for a €1, if we wait a few more years, I think there will be several brands or systems on the market, think that now only people who are willing to pay the price for it who have cripto or other valuable things online and if the rest don't come to purchase they will automatically become cheaper, for this price I just feel for me as a ripped off, I already had seen one other brand just for €13,20 but was sold out now for the moment, I think I it say it was a 2FA key
Code is not working.
Excellent presentation. At first I was confused about the backup key. In the IT industry a backup implies a copy, a duplicate of such as a file or the contents of a hard drive. But I eventually learned that in the case of a security key, a backup is not a copy, a duplicate, of the first key. A backup is a second key independent of the first key. It took me a bit to unravel how the backup term was used so differently in the context of security keys.
I have been looking for a way to use my key for a while. You're the first person who has been able to explain how to utilize it correctly, and most importantly, easily.
Great! 🙏
Finally!!! Someone who know how to explain the actual Yubico app. I went through 17 videos before I found yours. Thank you so much for clearly explaining how this all works.
Same with my wife. I store my second wife in a secure storage that I'm not going to tell you about.
😂😝
Not so secret. We all store them at work, lol
Because its Halal as a muslem, I have stored 2 wives in the same house and start my journey to find the third then the fourth one.
Unsubscribing. This has ‘Yubico promotion channel’ all over it. Hilarious. Next video’s maybe have a second corpse play the dumbo with moron questions and comments. Shopping channel vibe. 😂
Great comment
Thank you for your work on our security. As a man who teaches security, I am not finding a video on what I consider to be a core threat to a person's security, "MySpy" and other embedded spay software that may or is installed on peoples phones and computers. It is well understood and highly used by those "actors" who use them, the public is oblivious. To me, if you are talking security, this a a MUST presentation: 1) to create the awareness of what Spy software is. 2) How spy software works, is installed and can track you, intimately. 3) A. How to combat it? B. How to not allow it to be installed on your tech (iPhone / Laptop) C. How to detect it (very hard to do) D. How to get rid of it (regardless if you know you have it.) To me, this is a fundamental to any website / TH-cam channel focussing on security. Maybe you already have a video on this topic, is so, I did not find it and I apologize. If you do not have this video, this is a MUST video and to me, number ONE for anybody taking iPhone / Laptop and Internet security. A MUST!!!
It is really cool and secure but... only bad side is: Holds only 32 TOTP entries. So if you have more that 32 you better off using Authy or Bitwarden premium TOTP to store non important TOTPs and keep the important ones on your ubikey. I learned the hard way :/
I was actually planning on buying a ubikey to secure my bitwarden master email. Is it possible?
@@kingpanda6585 you can secure your bitwarden with yubikey
@@AFiB1999 awesome. I'll look into that. Thanks!
I am yet to start using these keys. I am waiting for 2 keys from Yubico, a Yubi 5 NFC and a 5C NFC. From watching a few videos while waiting delivery it looks like it will be a steep learning curve.
They just released the Yubikey Bio, Now it has a fingerprint reader and makes sure it’s actually you.
I just ordered mine and I’ll be reviewing it soon!
@@AllThingsSecured I'll wait for this video :)
They been sold out for weeks ughhh
Hey when you connect two keys, if you lose one, the backup key will access your website just the same as the original key you lost? Thanks Ashley!
This is a great and informative post. Thank you for posting this, I don't have a physical key, however you really have sold the benefits and I believe I'll definitely be getting one.
Great to hear! Like I said, there are free ways to do 2FA, so I would only use the key if it fits in your budget. But I love using the key over the authenticator app.
@@AllThingsSecured The apps are what I currently use and they have their place, however you really demystified 2FA in terms of physical devices and that's definitely the way I'd like to go. Thank you very much
Very useful information. I will have to "digest" it for a bit before I proceed. Thank you.
Ok, maybe I'm missing something here. I'm an 80 year old grumpy old man. I'm computer literate but having a hard time wrapping my head around this. I understand that I can use the same key on multiple computers but what happens if I lose my key and someone finds it and plugs it into their computer....can they gain access to my accounts? I'm more paranoid now than ever. A TH-camr I watch has had his youtube site hacked twice in less than a month. I have a lot of accounts and it looks really time consuming to do this and then have to do it twice for a backup key....HELP>...lol
They would also need your password or biometrics, thats what is meant by "2 factor", someone needs 2 things to sign in.
Something you have: 2fa key/authenticator
Something you know: a password
Something you are: face/fingerprints
I watched 4 videos on the Yubikey and still didn't understand how it should be used until I watched this video. Thank you!
Glad to hear it!
This was a great intro - thank you. The same flow in 2024 now includes passkeys, and it's quite confusing how the two concepts relate to each other.
The yubikey also survives the washer I accidentally had to test this out and it still works like a charm 😂
Which Yubikey model survived the washer?
Wife just got sent some of these from her work and I hadn't seen them before. Suspected they were something like this but thank you for the informative video
My pleasure 👍🏻
Really great video, thank you. Absolutely going to pick a Yubikey and naturally I'll be using your affiliate code to do so.
Thanks for the support! And I hope you enjoy using the new key!
Charles Schwab doesn’t support yubico security keys nor does almost any US financial institution unless they do crypto.
Not yet, but I believe they will eventually. And while most banks don’t support security keys, many other financial and investment services outside of crypto definitely do.
Only vanguard supports currently of the big 3 brokerages, two years later support still shockingly low.
@@Fakepower1 Yeah, tradfi is pathetic
Just the video I needed. Saved me a lot of time. Thanks for all the explanations.
Glad it helped!
Great content, as always! Just a quick off-topic question: I have a SafePal wallet with USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). How can I transfer them to Binance?
I've just bought two of the type A Security Key NFC ones. The 5 series is more than twice the price in the UK. I'll stick to using a free authenticator app for that additional functionality. It's a pity they don't have a version with type A on one end, and type C on the other. Only two of the machines I use have type C. In hindsight, I should maybe have got the type C for future proofing, and used adaptors left plugged in to the devices, but I didn't think of that. It's better to phase out the need for adaptors over time, as type C takes over, rather than increase the need to use them.
I have a yubi key but I can only use it with Google and Microsoft for now. My brokerages, banks, medical site do not support it...yet. It a good idea but it is too early now.
Thanks for the information, just purchased me 4 of those. Can you please let me know if I setup the yubikey as my authentication should I remove all other 2FA options? Let’s say remove the sms option? I’ll be glad to know. Thanks 🙏 again
you did not go into how the device/keys READS the QR code on the screen if you're using a MAC. that is not clear.
also not clear is do you set up the account on the Yubi website PRIOR to inserting your key and touching it. what's first, second, third steps in the set up? thanks.
First I've watched each of your "ditch Google Authenticator" and yubikey series at least once. I just wonderedd if you happend to know / recommed a NFC reader addon for Windows laptops. Plugin and removing that USB connector over and over could really wear down the gizmo in a rather short time. Thank you and keep up adding more excellent videos.
Your email was shown at 8:07, I hope you can fix this because you were trying to blur it out before. if you pause it at the right time you get it.
Excellent analysis, thanks! 👌 Just a small off-topic question: 😅 I found these words 😅. (behave today finger ski upon boy assault summer exhaust beauty stereo over). How do I use this? 🤨
"my wife and I have each other's backups" 👌🏽perfect line right there.
Thanks, Sidi.
I bought three yubikey 5c. One for me, one for my wife and one for backup. How do I setup the Yubikeys for my wife and I to use on joint accounts. And then can each of us use the UB key that we carry for individual things that we don't share with each other
What do you do with your backup key when you go on long trips? Leave it at home and you risk being locked out of your accounts until you get back. Take it with you and you risk having it lost or stolen. I think I would leave it at home and setup a good (temporary?) TOTP app. It would be a pain in the rear end to do that for every account, so TOTP would probably be permanent. So, no security advantage over TOTP. However, unlocking with Yubikey might be a lot more convenient than having to unlock your TOTP app all the time.
I cant seem to get passkeys off my computer and I can't use it. I must of clicked on it somewhere and now it pops up when I try to log into different sites. How do I get rid of it? I"ve tried all the basic logical things one can do.
Am I the only one that questions using a security feature which has 0 security controls? NFC has no security in it at all, so how do these prove they are still secure?
Great video, thanks. Can you tell me if I use a YubiKey to secure my Apple account and plan to use the Apple Password account -- (1) will I need to use the key to open the Passwords app, and (2) will I need to use the key every time the app pops-up to fill-in a password
I personally don't use Multi Device because it increases the attack surface area in two ways. 1 - Being in another server and has to sync once in a while, 2 - That's another device they can hack
Love this! Fantastic advice and ive gone ahead to buy one. You should so do an Every day carry video that would be awesome.
Thanks for the suggestion! It's on my list.
Your explanations are very helpful. Question - I set up my 2 Yubikeys for a financial account on my Windows computer. Windows Security needs a password, which I input. It just popped up when I was setting up my first hardware key. Nowhere do I see a mention of Windows Security (in any videos!). If I use the Yubikey Authenticator, will the Windows Security not be needed? Did Windows Security pop up because I don't have the Yubikey Authenticator app on my computer? Thanks!
Hello, great content, thanks for sharing your knowledge. I have an iPhone, iPad and iMac. Would you suggest nothing types of keys (plug in and NFC)? 7:22
Question. If I use the Yubikey can I eliminate the use of the authenticator app or do you recommend both?
Informative video, my yubi keys literally just shipped today. I purchased a 2 pack of the NFC 5, I got the USB A style so I can use it with my PC. I am hoping I can set it up on my phone which is USB C since I won't physically be able to plug it in....hmmm
You can always use the NFC (just tap on the phone instead of plug in).
NFC is way more convenient for mobile than plugging it into your phone's charge port anyways.
Yubikey 2FA is a great idea, but since Microsoft dropped support for signing into Windows it is pretty limited, also it is hardly cheap, especially as you really need two for backup.
When the Yubikey is supported it also has to made the only way of signing in, what would be the point of Yubikey if you could bypass it by signing in using an alternative method.
Finally it is very personal and you need your Yubikey with you, that could be very frustrating if you find yourself out and about, needling access, but with no key.
I think that is why it deserves the name "key".
You don't leave your home without having the door key with you, do you? And you probably gave someone trustworthy a second key, in case you do forget it. That's because if it should be secure, it must be hard to circumvent.
Thanks for sharing such valuable information! Could you help me with something unrelated: My OKX wallet holds some USDT, and I have the seed phrase. (air carpet target dish off jeans toilet sweet piano spoil fruit essay). What's the best way to send them to Binance?
Hey, i just got my Yubico key thanks to you.
Awesome! Enjoy it. 👍🏻
What's the Best yubikey 5 NFC or yubikey security key NFC? Whats the diference?
I wish more financial companies, banks would offer support for 2FA keys. Right now only a few do so. And some out of those, won't even allow you to disable SMS option, bummer.
Another great video. I've just received my Yubikey 5 on the basis of your brilliant tutorial. I want to ask, would it be possible to have a video to show how to remove a key should you lose it. I'm sure its pretty easy. Many thanks.
I just got my first Yubikey the other day and I did a bunch of reading so I may not be an expert, but they stressed that you should get two keys 'cuz if you lose one, you'll never get into those accounts again. They even recommend that you put the 2nd key somewhere offsite and preferably in a fireproof box/safe.
Thanks for clearing up many of the questions I had about yubikeys. I am still conferred about a few things.
1. Fingerprint locks are secure, hard to replicate keys that you always have and are hard to lose. Yubikeys just seem like another physical key that can be targetted to be stolen from you to gain access. So why are yubikeys better than fingerprint locks?
2. What are the best storage practices for the physical yubikeys? Certainly not along with you car and house keys, but not as a seperate key in the pocket which may fall off. Probably as a chain around the neck?
3. Can yubikey be used as a way to secure individual documents/folders from changes by others?
NOPE you are wrong. Your fingerprint must be stored somewhere and they collect people FP to map your identity with phone or other devices in your vicinity. Same is with this covid 19 scam to colect and map people DNA caractheristic.
@@janeznovak2408 Can you tell us where to get more information about this?! Thank you!
would make sense, but sadly.. most of the applications will save logged session info inside cookies for weeks or months.. so, if a link, email or opening the wrong file can grab those cookies, it doesn't matter what security you have, they will get access to your account and be able to do lots of damage... no matter how many keys, OTPs or auth you have..
Hi - great video. I just purchased two keys. 1 primary and a backup. I have just registered my primary key using Yubikey Manager. Do I also set up the backup key, which will probably generate a different 48 digit Management code. Do I then add the two keys as 2 factory authentication onto the service available, like 1 Password? Just a little confused on how to set up 2 keys on Yubikey Manager. Any help appreciated. Thanks
Sorry - I have 2 x Yubikey 5C NFC’s
While these are great, there are ways around these. It starts with simple malware that waits for you to login to a site, then sends your site token to the thief. Then they use that token that is valid to impersonate you, giving them control.
I just got a pair of Yubikeys. I'm debating if I still want to use it to lock down my computer lol!
I know what you mean. For me, I don’t - it’s just not necessary.
Question, A Yubikey must contain some sort of software... is there any open source software that works in a similar way that you could..for example install onto a drive dongle ?
Be interesting if you could make your own key.
I am confused. Do you need a different key for every gmail account, and youtube account? Also do you need a different key for each computer you have, or can one key be used on multiple computers?
I will try to answer. But I am not 100% certain of my answers.
I think that I understand the process. But I never used the Yubikey. Hence, my not being 100% certain.
When you use the Yubikey to log in to web sites, you are telling those web sites that your password consists of 1) what you typed in to create the account, and 2) some data that is stored on the Yubikey flash drive.
So just as you can use the same password on multiple sites, I am nearly positive that you can use the same Yubikey for multiple web sites.
When our host stated that he has a backup Yubikey, I believe that that means that he has two flash drives (two Yubikeys) that are both registered with his web sites. Therefore, he can use either of his Yubikeys. The web sites probably do not care which one he plugs in. Either one should work, because our host registered both of them with the web sites.
As to you question about needing a different key for each computer:
My guess (and I am pretty sure about this) is that you can use your Yubikey on as many computers as you choose (just as using the same password on as many computers as you choose). I highly doubt that when you use your Yubikey on one computer, that some record is made to disallow you using your Yubikey elsewhere.
And whether you use a Yubikey, or you do not use a Yubikey, you should never use the same password on more than one site. Although, for people that will still use the same password on multiple sites, then the Yubikey will make their account less vulnerable (I think).
Maybe our host will confirm the above, and point out if I got something wrong.
Lastly, if someone has physical access to your computer, then nothing (short of full system-wide disk encryption) will keep out a skilled attacker from gaining access.
There are free tools that can be installed on a bootable flash drive that will defeat all login measures.
Cheers!
@@NoEgg4u Wow, thank you for that detailed description. I have been searching for a long time and getting no answers from anyone, including this host. So I thank you again. It all made sense what you provided! 🥰
You don’t need a new key for every account and device. The same key can be used for all your accounts and devices at the same time, and I recommend you also have one extra backup key for all those same accounts and devices.
@@AllThingsSecured Gosh, thank you so much. Finally an answer simply put that I can understand
I don't get the point of the "only ask for a physical key every X weeks" feature. If you don't need it for every single login, doesn't that defeat the purpose of 2FA?
With the physical security key, you still have to copy and paste codes???
I thought it eliminates that.
Can you make a video regarding what the best routers for privacy are? I was thinking about buying a Nest WiFi but I saw that it has the Google Assistant and I don't want to risk being listened to. Thanks.
Yea, I steer clear of any router that has a microphone 😉 Thanks for the content suggestion, Sebastian.
Yea. I wouldn’t trust Google with my broken old bicycle. Much less my personal and sensitive data.
Ubiquity Dream machine most definitely
Not sure why…but iPhone when 2fa is activated with security keys will still allow you to change your iCloud password word using a trusted device, IE, faceid or passcode, but still doesn’t require the YubiKey to verify? What’s the point if someone has your passcode and youre trusted device?
Can you explain the maximum number of login 2FAs on a single key? Is it possible to use the basic FIDO or other method on some sites and get more access on a single key? Is this practical or not?
Thanks for your videos.
Thanks by your video!!! Very good material
Which adapter to USB C to USB A did you use on the video? Do you think I could use any kind of adapter on Yubikey? I am Brazilian and Yubikeys are very expensive here.. so I would choose only one to use in several devices
another question: So far I read about use Yubikey NFC with Ipad but it seems that NFC does not work. It seems that I HAVE to buy an Yubikey 5Ci to use lightning . Is that correct ?
Josh, as usual excellent video
Thanks, Ryan!
Hello thank you so much for making this video , This is just what i needed as my yubi's are being shipped , Thank you sir .
Glad I could help!
Josh! I know you have receive a whole bunch of questions and comments, and you probably won't get to mine, but I'm going to ask you in hopes you can help me out...
I watched one of your videos, and you recommend having a 'data blocker' like a USB to USB for a public power source. There are so many out there, so which brand would you recommend? How do I know which one I can trust?
Hey Sam! USB data blockers are a pretty simple and cheap piece of equipment. There’s not a specific brand I recommend (although I do have an affiliate link in one of my other videos). Just search “USB data blocker” on Amazon and choose one that is the equivalent of ~$8-10.
I hope that helps!
@@AllThingsSecured Yes, that does help. Thank you for getting back to me!
Keep up that great work, sir. Your information is vital in the world we are moving in today.
Great idea! Thanks for the reminder to do something like this
My pleasure!
I feel like a 10 year old trying to operate a dial phone (whats the cord for?)... So authenticator app Must be open and running? before the authenticator part will function. so there is that to remember. Each Key individually & each site individually for set up, = one time hassle to be secure. Then after the key is set up, then add the authenticator, and where do the password managers start? what I know so far is my passwords are in my system and in my browser, but they should not be.
hi great vid i have desk top with windows 10 my sis has desk top windows 11 my mobile is old i5s that i use for 2 step verification so whats best yubikey 5 or 5 nfc
How about if the person trying to log in using key loggers will they be able to log in your TH-cam channel if you are using security key?
I'm extremely new with this Yubikey device. My crypto app Newton, on my android phone now requires me to use this for security.. I only want to use it for the Newton app for now. Can you do a video for how to set it up, or refer me to a video that does ? thanks
Hi Josh, 1st I'm relatively new to your channel, and I'd like to thank you for taking the time to upload a text file for your videos.
This allow a multilingual household to watch this with excellent subtitle language options.
2nd, I've listened to this video twice. It's very good, and I'm quite close to buying one of the Yubikeys you presented, however have an important question.
How many google or gmail accounts can I pair with one yubikey? I heard you say that your wife has you covered on her keys, and you do the same for her, and this makes sense, however do you know
what the limit is for one key? If you already have a video covering this, please send the link in your response, and I'll watch it.
Your language functionality is very much appreciated!
Thanks for your help
Thanks, Pedro. I don't believe there is a limit to the number of accounts you can use with one key, although the number of keys you can use with one account is limited by the online account (i.e. Google).
So glad the captions are put to good use! I'll keep having them transcribed.
@@AllThingsSecured Thanks Josh!
Why would Brave and Windows security pop-up when activating a YubiKey for the first time?
In an effort to strengthen the security of my online accounts, I enable 2FA using my phone number to get the key via SMS (no a security hardware key) and when TMobile got hacked, all my accounts got compromised because the hackers reset my passwords and they were getting a copy of my SMS.
So can u do video of what to setup on these keys. We plugged it in and nothing happened. So I downloaded the manager app and the authentic app.
Did you watch the video? The key gets used on your online accounts.
When I put my key into my computer, ever menu I clicked on asked questions about me setting up every options. So I guess I'm looking for a video for once u plug in, how to setup every options before logging into anything. Hope that makes sense.
The Older versions of the Google authenticator app does not contain and export feature? I will more than likely just have to use my old phone long into any accounts and disable and re add the app to the new phone.
Thanks for this very useful video. So if my main key is a Yubico, can the spare/s one/s be from another brand?
Sure, they can if you want to.
Why do google need to see the make and model of the key? Is there any way to bypass this on Windows? My friend on Linux could just select "no" and still get the key working.
You know what I can’t figure out? Is how to make my iPad Pro use my Yubikey NFC. Where exactly do I place the key on the iPad Pro - 12.9”?
Unfortunately iPads don’t have NFC capabilities.
Oh i see .... i tought we must use the 2FA key everytime we use an app or website .... and tought my key was broken or setted in the wrong way
Can someone please explain concept here. Is that right that at the same time I can use this flash drive(call it like that for simplicity): 1 - to act as security key for my accounts(those who allow it). 2- to act as standalone authenticator?
With both of those features i could use unlimited number of accounts as well as unlimited number of accounts for authenticator codes?
do you have a video to do this with your amazon account? thanks!
if I'm following this correctly, in all you're examples the hardware key replaces the password, so isn't it still just one factor???
No, it doesn’t replace the password at all. All 2FA is in addition to your password.
This is all so new to me. Thanks!
I really really don’t understand why those yubkey don’t have ports to connect to each other in order to make sure that everything is backup perfectly.
My Windows and Mac computers both ask me for a PIN before I use my Yubikey. So I am enter username, password, interting Yubikey, then the PIN then touching then Yubikey... It's way too many steps. What am I missing as this seems to me to be too many steps...
I'm still unclear on why hardware security keys are dramatically better than TOTP (especially TOTP implemented well).
The way I see it, here are the weaknesses of TOTP relative to a Yubikey:
1. Depends solely on user education/vigilance to guard against phishing/MITM attacks.
2. A phone is more likely to be compromised than a Yubikey.
3. If for some reason a service provider isn't storing TOTP seeds securely, that's obviously a failure point.
However:
Stuff gets lost, including the stuff we try to be careful with, and often in circumstances where identity can be inferred (eg losing yubikey and wallet at the same time at the airport. Then, imagine you also lost your laptop somehow, which has your passwords decrypted in memory because you have a 64-character master password so you were lazy just this once and didn't lock it).
With a TOTP app like Aegis, that final factor will remain secure because the TOTP seeds are AES-256-GCM encrypted and can only be decrypted with a strong password (not the phone PIN) or biometrics. The encrypted seeds can be securely backed up.
I get that there are pros and cons, but could you help me understand why everyone seems to think that hardware keys are unequivocally, beyond-debate better? (Let's leave the Yubikey Bio out for now...)
I don't think people say hardware security keys are better, what they say is that they're more secure. Like you said, this comes down to "user education/vigilance" which is a HUGE problem. Just look into any recent hack, it always comes down to that. There is no way to phish a hardware security key meanwhile it's pretty easy to phish any of the code based options, so the former is inherently more secure.
What happens if you lose ALL your physical Yubi keys... it there a backup way to get back into your accounts or even get a replacement key? I suppose if there was it would defeat the purpose but the risk of being permanently locked out is definitely a problem.
You’re exactly right, Paul. Most accounts give you backup codes that you can print out and keep in a safe if you want. The bottom line is this: when you’re responsible for your own security, you need to be careful!
Great video. I have a few questions:
1. Am I correct in my understanding that Yubikey will work on every website that uses 2FA? In other words, any site that isn’t setup to use a security key, can use the Yubikey authenticator app instead of the key?
2. How will I know BEFORE I try to login if I need to use the Yubikey authenticator app, or my Yubikey without using the Yubikey authenticator app?
3. You mention using Yubikey and 2FA when logging into websites. Is the process the same when logging into an IOS or a Windows app?
Thanks
Thanks
1. True, it works on every website that offers 2FAs, and you can use Yubikey authenticator app instead of the key when the site doesn't offer the physical keys as 2FAs methods. Yubikey/ Yubico Authenticator app has the same functionality as google authenticator, Authy, etc,.. but it stores in the key, which is more secure than those google and Authy.
2. It depends on which method you set up as the 2FAs options. If you set up with Yubikey, the site will ask you to provide Yubikey. Likewise, if you set up with the authenticator app, the site will ask you for the 2FAs code that the yubikey/ yubico authenticator will provide. If you set up both methods as the 2FAs in the particular site, the site should ask you to make the choice between the physical key and the authenticator app.
3. The process is the same as using in ios, android, windows, mac or linux if you set up with the yubikey/ yubico authenticator app. For the physical key option, I find that some ios/ android app doesn't accept it, which means you can authenticate only with the authenticator app. For example, Proton Mail iOS app.
I have a son I want to keep off of the internet when he is not being supervised. Is there any device enabling pc lockdown...as opposed to accounts?
Do the key manufacturers keep a copy of your key like ledger nano x has done?!
Thank you for a very helpful video.
If you would just clear up one thing: can I set up my Yubikey authentication for sites that I access using my computer and use the same Yubikey plugged into my phone to receive the authentification code on my phone and then enter it physically on the computer.
I like the idea of placing an air gap between the computer where I am doing the business and a phone where I can receive the code.
Yes, you can. You can run the Authenticator app on your phone, use the key to verify and then type in that code to the computer.
@@AllThingsSecured Thank you for your response. It's a great help!
Hi. Thank you for your video. It is very informative. I am a big advocate of privacy and security. One of the questions I have is does the key allow for access only via a password. My concern with the key is that if it is obtained, it could be used to open accounts or log into websites. I am personally not a fan of biometrics (fingerprint scan or facial recognition) because neither are protected under the first or fourth amendments. A simple password is however protected under the first amendment and a person cannot be compelled to provide that information by a law enforcement agency.
Hey Gregg, the 2FA key can’t be used in place of the password - it is a *second* form of identification, so even if somebody stole your key, they would still need to know your initial password to get in. Does that answer your question?
I really enjoy your video! Thank you!
Love your vids man.
Thanks so much!
@@AllThingsSecured Hi Josh, Thanks for your content, you're the first guy I watched who really explained YubiKey in an easy to understand manner and I've finally gotten to assigning my 3 NFC 5 YubiKey's. Q: Is it possible as a last backup to print the QR code (Yubico, Google Authenticator or both) and keep it in a security lock box? In case my keys get lost, or I pass on, and have the QR codes attached to my will and last rites?
Thank you for the clear explanation
You are welcome!
addin security key in yobico does not appear in fide2 even when i put the pin to see the account only can appear in authenticator but i did registered as security key but can not see the details any idea ?
Been waiting for you to make that for a long time . And now: show us how to create PW with them.
Thanks for the ideas.
Yea I’m still a little confused about how to use the back up key if it’s separate setup.. are both keys set up identical passwords ? Any info is appreciated and great job on the video. Best one of 5-6 I’ve watched .
You don't create passwords with your YubiKeys. You create PW with your PW manager.
@@jerrysanders9101 - The setup is the same (not different as he mentioned). As far as the backup key, the site doesn't know if you are using a backup key(s) or not. It just checks its database. If the key you inserted is in the list then you gain access to your account.
@@manny7886 thanks for the reply and info Manny.
Windows question: Are the YUBIKEY series 5 products compatible with Windows 7 ?
Or compatible with only Windows 10 and above?
Do I understand you still need to remember your password?
Do you know if consumers can use the 5C FIPS series keys? I'm wondering if the regular 5 NFC series differs from the 5 FIPS series other than the added level of security on the FIPS. I ask because I'm wondering if let's say you want to secure your gmail account with the regular 5 series, can you also do it with the 5 FIPS series? Or are most accounts the average user utilizes only compatible with the regular 5 series and not the FIPS series? If I can still use the FIPS series that has government level 3 encryption vs. the regular 5 series, which only has level 1 encryption, than I'd rather just make the investment and pay slightly more for the FIPS version and get added security but I'm not sure if it's ONLY for government use or can regular consumers use it to and for the most part it would still function like the regular 5 series but with the added protection? Thanks for making your content, it's valuable in today's digital world 👍❗
What if you loose your key? I am just looking into this and curious.
Need to download Yubi app just to read the codes???? Does this depends on the type of Yubi key being used???? I saw some tutorials wherein they don't use Yubi app just to read the codes.
I am having trouble using my Yubikey and Google account on my Android phone. When it asks for key I hold it on the back via NFC but then it gives me some options to 'open with'. What do I choose as it won't allow my account any further?
Do you worry about getting mugged if you carry it around with you?