Cyber Security: Protecting Online Accounts
ฝัง
- เผยแพร่เมื่อ 18 พ.ค. 2024
- Keeping your accounts protected using different 2-step verification methods, including hardware security keys. Video includes Yubikey demonstration, as well password good practice and other security advice.
My own security keys are Yubikey 5C models, which you can find on Amazon.com here: amzn.to/3ubKrcs and on Amazon.co.uk here: amzn.to/2ZyDJlz (paid affiliate links). Note that I have no association with Yubico, and that I purchased the keys I use. However, note that an Amazon Associate I earn from qualifying purchases when you click on either of the Amazon links.
In this video I refer to keeping passwords on encrypted USB drives, which I have covered in the following videos:
“Encrypted USB Devices” (hardware encryption):
• Encrypted USB Drives
VeraCrypt Encrypted USB Drive (stand alone software encryption):
• VeraCrypt Encrypted US...
DatAshur PRO Encryped USB 3.0 Drive (hardware encryption):
• DatAshur PRO Encrypted...
The Microsoft blog post on a passwordless future is here:
www.microsoft.com/security/bl...
The 2019 Microsoft Security Baseline announcement in which they explain in detail why regularly changing (expiring) passwords is no longer necessary is here:
techcommunity.microsoft.com/t...
The TH-cam post reporting that 2-step verification will be required for all monetizing channels from November 1st 2021 is here: support.google.com/youtube/th...
The Google Titan security key web page is here:
store.google.com/gb/product/t...
And the Yubico security key products page is here:
www.yubico.com/products/
The Yubikey page on setting up security keys in Linux (Ubuntu -- but it works in other distros) is here: support.yubico.com/hc/en-us/a...
More videos on computing and related topics can be found at / explainingcomputers
You may also like my ExplainingTheFuture channel at: / explainingthefuture
Chapters:
00:00 Introduction
00:35 Passwords & Beyond
03:14 Authentication Methods
05:45 Security Keys (hardware authentication devices)
09:31 Maximum Security
11:23 Two More Things - วิทยาศาสตร์และเทคโนโลยี
this channel has 80's vibe
And its good🤌🏻
Especially for older people, be careful of biometrics, as the body changes, particularly for Iris, as well as fingerprints. Imagine laying in a hospital, trying to get to data or contacts, only to have your phone 'Brick' itself at a time that you need it most! (recent scary experience)
Very true. And biometrics are also static data -- so once they are stolen, you've had it. They are things to share very sparingly.
fingerprints papilary lines remain the same for entirety of your life; outer skin cuts or burns have no effect... you are very profane on the issue, go study basics of biometrics
@@ExplainingComputers Or arguably... not at all!
Imagine IT airport security implanting a biometric scan record onto their manifest, just like people leaving your DNA at a crime scene that you've nothing to do with. The "high" security data means it is virtually unchallengeable. I'm afraid it all leads to very dark places indeed.
The standard password is equivalent to CASH. It offers anonymity and that is far more precious than anything else for ordinary people who have an inalienable right to privacy. I don't give a damn if that makes law enforcement more difficult - Law enforcement should pick their game up instead of us all having to pay the price. Cash is on the way out as it largely cannot be recorded for prying eyes to see.
Passwords are on the way out for the same reason... Data logging/snooping and data mining.
And what of the elderly, many already suffer because the tech changes so quick and "greater" security will by nature will cause more of the elderly to fall foul of it.
@@cokeforever Waiting days or weeks to heal for them to be restored is problematic from cuts / burns / other damage. I am a diabetic, and have to do finger sticks on a very regular basis. Because of that, I do not use my registered fingers for those sticks to test blood glucose levels, because I can lock up / lock out very easily except on very cheap / inaccurate readers.
@@cokeforever I don’t the details of biometrics but I do know that after my wife had chemo for cancer a side effect was extremely dry skin and the fingerprint authentication on her iPhone became extremely unreliable.
Good advice. I thought I was current on the topic, but learned some things.
In the case of Twitter, the best security measure is, unless you have compelling professional reasons, to have nothing to do with it. You'll save a lot of time and filtering of misinformation.
One of the most relevant and important videos you have ever made!
This is a kick in the Tush to not be complacent about what we all use for account protection!
*Thank You*
Thanks! :) I last did a video on this topic 13 years ago, so I thought it was time for an update.
Thank you for another great video Christopher! Its great to see how the security keys work. Since I work in the medical field, we have something similar for our doctors. Since they prescribe medications, particularly controlled substances, they are required to use a security key to authenticate in order to fill a prescription. Thanks again, looking forward to your next video. Take care.
Thank you, Chris, for the weekly dose of tech knowledge. Yet another great video from one of the Top tech TH-camrs out there 🙏🏽
Thanks. :)
You are most welcome, Sir 🙂
Essentially, it seems, a security USB key is the most convenient way to to do 2-step verification vs an authentication app. PS. Thanks for you well produced content, have watched dozens of your videos.
To those that give Chris’s videos the thumbs down, get over yourself! His videos are better than anything you are likely to watch this week. If you are looking for crude entertainment like you find on other channels or platforms, this isn’t the place for you. I’ve never seen an explaining computers video that deserves a thumbs down.
Well, I did watch an Applied Science video which is always very good 😉 But I fully agree with the thought of your comment.
Miss clicks happen
The offenders are NSA and FBI employees.
I'm sure that creators know a lot more about this than I do, but there's no point in criticizing people for clicking thumbs down, if they even exist; they aren't going to change their click because someone called them out in the comments. Either these clicks are just bots or people are clicking thumbs down in an attempt to stop these videos from being recommended to them. That's the wrong approach, but it's Google's fault for adding the button in the first place.
Calm down dude.
Biometric data are not secret, and are far better suited to being the username to identify oneself, rather than the information needed to verify onceself.
I'm inclined to agree. I mean in fairness they're usually used to unlock TPM modules, in which case the biometric is more secure than a 4 or 6 digit PIN.
DC, fxf口尸d口d熬Z田火水火??尸--/78
@@rajkumarjhariya6305 DC, fxf mouth corpse d mouth d boil Z field fire and water fire? ? Corpse--/78
There's a button under your comment that says "Google translate" and I don't think it worked properly.
Another great video! We use RSA authentication at work and have a mortal and alias accounts with 16 character passwords each. Insane to remember when they change every 3 months and you can't use the last 15 known passwords. Love the video.
Thanks for a very complete discussion, including mention of backdoor cautions.
great 2SV video Chris; you explain tech in a simplified way
How not to like your videos Chris? Very well explained. In last 15-20 years security on computers has changed so much.
There's too much damn reliance on my phone working so I'm going to have to look at hardware keys - thanks Chris.
Very much what first pushed me in that direction!
Then you are equally reliant on the hardware key working.
@@jonahtwhale1779 You have to trust or rely on something for Security to work. If you don't trust anything then you have nothing to keeps your data safe with.
This is one to share with the family. Good password practise will help everyone.
Thank you for the overview of passwords and multifactor authentication. I hope it will save me the time if constantly explaining this. I have shared this with family members and clients.
Thanks Chris, for another informative video. I didn’t know about authentication keys, but will now look into it.
An interesting and thought provoking video at EC, my Sunday is now complete a bit later than usual. Security is so important and for some it's a complex subject, I know people who don't bother with it at all.
Another informative video, Chris--thank you. I now see the need to use this kind of 2SV.
Thank you for your excellent work.
Next week 800K subscribers?
You deserve them!
Congratulations
An excellent discussion.....thanks, Chris!
Excellent video, Chris. I need to investigate the USB security keys and update everything accordingly.
I think it's time to change the combination on my luggage. Thanks for another great video.
I cant believe someone dislike this video. Very informative. Thanks!
Black-hat hacker did it. lol.
8:47 I expected Chris to call the key "Mr Key" or Kevin the Key
Now that is something I missed!
@@ExplainingComputers or maybe "seb Key"
@@lesliedeana5142 :)
Yubie 1 kenobee and Yubie 2 kenobee
I liked the included info that changing passwords frequently (ie every 60-90 days) without a known breach or validate reason is good advice. Many companies, such as MS, found that forcing employees to keep changing their passwords often led to them to developing worse security practices such as writing down passwords on stick notes simply because they were forced to keep changing their passwords so often. Two-factor authentications and hardware methods are much better solutions.
Thanks for the timely video. I am long overdue for a security update, today is my day. Best wishes.
You will feel virtuous -- and more secure -- when you've done it! :)
Nice topic since TH-cam will require it for monetized accounts soon.
Security is one of those things you don't necessarily think about until something happens.
Maybe how this actually works would be a good topic for another video. I'd hate to blindly rely on a piece of technology for security without knowing how it works.
I would love to see such videos more!! Thank you for sharing such a valuable information. Please talk about browsers (Chrome, MS Edge, Firefox, Brave) security as well.
As usual, salient advice from your channel
It will certainly be interesting to see if there are any issues on TH-cam after 1st November . . .
Great video. Hadn’t considered physical keys. Buying some now.
I learned something today. Thanks Chris 😊
:)
Super helpful video. Good trick also is to use the USB c to USB a adapter with security keys. Thanks Chris.
Excellent!!!! We need videos like this one to improove our security. Thank you!!!
I've had a yubikey for years now, but this video gave me the kick in the pants to actually add it to accounts other than my password manager, thanks!
I'm also finding how depressingly-few very high profile organizations don't support hardware keys. :(
Thanks Chris!! Really useful information, my appreciation to you!
A much needed video!
For all of us "normal" computer users, this is REALLY good stuff, especially for protecting ourselves into the foreseeable future. Because the Internet was originally designed with a benign view of humanity, and that was proven to be SO WRONG, we cannot wait until those mistakes are corrected. We need to always protect ourselves instead. Thank you, Dr. Barnatt, for showing us these alternatives. Of course we will need to keep our heads up for new alternatives, and I hope we can count on you to point us to those as well!
I see what you did there, making the hardware keys resemble Mr Scissors at 5:54 :) Great video as always.
It is sad to be reminded just how many unscrupulous people there are in the world. Thanks for covering a very needed topic! Looking forward to your next video.
Greetings Prerry! And yes, we live in a sad world.
Hello from Boston. As usual every Sunday. Thanks.)
Greetings from the UK!
Very useful content, thank you Chris!
Good stuff to know about Chris. Thanks for another great video.
Thanks for another great video, on a very relevant topic.
Great video Chris. This method is something many should adopt as primary. If there are biometric products aside from fingerprint scanners, for example a home user retina scanner or the like, could you consider a future video on those products as well?
I will be watching this video properly later. Very definitely a hot topic in this day and age.
Great info Chris, thanks as always.
Nicely done as always 👍
Great videos as always ! I would totally love more videos about cybersecurity
Noted! :)
Many thanks for this great video...It was very helpfull as always!!!
Like seeing you smiling a bit when say your intro message.
Thanks Chris this was very useful, and i'm sure will prove to be invaluable, to watch. I'm grateful that you provided a link to this in your recent video on Very Useful Small Computing Things.
Thanks for watching . . . twice! :)
Thanks so much for this video, it was really helpful to me!
Thanks for the knowledge 👍🏻
_"Backup"_ codes often provide easy back door access. When a banking website asks you for your "mother's maiden name", "first car", "where were you born", etc. they are really asking you to provide answers that are easily figured out or guessed. Hey you'll never forget these "passwords" but they are easy to brute force... "What was your first car?" not a lot of guesses required even if you have no clue about the user's account you are hacking.
When someone asks for the name of a car, or a maiden name, I always use a random character string not the actual name.
thank you, sir. this is very important.
Thanks, Chris.
Very informative. Thank you very much.
Thank you Chris!
Great video! You, Sir, are a strategic asset for humanity.
Thanks! :)
Excellent subject ! Thanks :):)
Great: Very Helpful. Thanks
Thank you for a splendid, deeply appreciated and useful discussion.
Thanks!
Very valuable video, thanks
All rise Ladies and Gentlemen as Judge Chris once again drops on us another masterpiece of computing knowledge... BOO-YAA!!!
Very good and important information. Thanks
Great explanation.
Yesterday I had a Ledger USB secure device delivered to hold my cryptocurrency details. I have not yet had time to check if it can be used for 2 step verification as well; (FIDO compliant etc.) - Probably it would be best to keep it separate as the Ledger should be locked away safely and not used every day... too risky!
Oh, and a word to the rather 'obsessive' Lesley Deana, calm down, dear - Christopher is a wise and useful source of information, best to let the informed people get on and help us without offering your silly criticisms and comments.
I have valued this channel over the years, even while studying for an MA in Computational Art. Great video, keep em coming, thanks.
I must say i love the full disk encryption on linux mint, as my work requires me to leave a laptop sometimes where it could be accessed, love the video by the way and aint nobody hacking mr scissors
Great video. I was going to comment about the SMS 2FA risks and that TOTP Apps are more secure in an expectation that you would've missed that. But, you didn't, so a very good shout out for this video, Christopher.
:)
Nice Sunday my favorite day nice video as always have a nice week
Thank you! You too!
Great video as always :-)
Thank you! Dear Chris, 2 step verification and 2 factor authentication are different things. You can have 2 step verification but still those steps may use only 1 factor. For example, logging in by entering (one by one, in different steps) - 2 different passwords (when the second one is NOT “one time password”, generated by SOMETHING YOU HAVE, but rather some other regular static password) - in that case both passwords are THINGS YOU KNOW (i.e. you have only one factor). So in this example you have 2 steps, but only one factor. “2 step” and “2 factor” are not the same thing.
Thank you for video.
would really like to see a followup video covering use of a password manager for the unfortunately many cases where multi-factor auth is not supported.
Thank you. I use crypted mail services.
Considering the majority of threats are virtual these days I find storing this stuff physically is the way to go. I use a sort of one time pad to obfuscate it.
Always enjoyable and useful content from EC.
How about a video on Big Tech (especially Facebook) and the evl nature of Zuck
Ordering a Yubikey today
I think this says it all! :)
Hello from Russia. Thanks for info and videos.
Greetings from the UK!
Here I for another Sunday Experience!
Greetings Leslie! :) How soon Sunday comes around again.
Thank you Sir.
I hope you get to 1 million soon
Thanks! :)
More of this please
The one thing I was hesitant to use for a long time was a USB security key for my accounts but I will definitely get two of them soon. The one thing I do to reduce my security risk is to close/delete any old accounts for services that I no longer use. I know doing this does not guarantee that my account credentials will be removed from any company's system right away (or for accounts that cannot be closed/deleted), but I prefer the peace of mind that comes with reducing the volume of inactive accounts.
Closing old accounts is indeed very wise. I too was hesitant about USB security keys, but once I got an started using them I realized they are very good indeed.
@@ExplainingComputers Thanks for another great video! Now to figure out which Yubico USB security keys I should buy.
nice work
In Denmark you have to go to the bank in person to get a set of codes, and each code can only be used once, after that, you must go back to the bank in person, to get a new set of codes.
Sounds like a very sensible system.
It was similar in Finland; however, the paper codes ended, and now it is compulsory to use either a phone app or a little calculator thingy. Both work very well, and, of course, work with Linux. ;-)
So now you have to hide that sheet of codes somewhere? If your home gets broken into you also have to worry about your bank account... ya, I think I will rely on my memory instead.
@@ElmerFuddGun The Finnish system also needed a customer number and a conventional password in addition to the one-time code, so was quite a good system, and was used for about twenty years before it ended a year or two ago. Money transactions needed an additional confirmation code from a different section of the code sheet. The code sheet folded up the same size as a bank card, so you could keep it in your wallet or purse. If you loose your wallet in a Nordic country, then it is usually returned by anybody who finds it. ;-)
Next progressive step will be a pin calculator. Decent system. Here we also have digital ID system. You need ID card and card reader or mobile app (with correct/activated ID). Pin codes are on separate card. Hacking account is harder than your typical password.
Amazing Video
Bubble bee 🐝 is always on watch!
:)
Awesome video. I want one of these, but because I don't know how they work, I don't know how secure they are. Perhaps it should suffice that these major companies are using them, but I'm helplessly cautious on these sorts of things.
Thank you🌹⭐️
Now this was a topic I've been looking forward too for a while. As to my own passwords, I use a Pass-Phrase instead all run together. Some thing made-up like:
"She sells Seashells @10 for a Dollar! down by the Seashore.
This method works well, until your device has been infected with a key-logger...😒
What does the “Participation Medal” look like???? I have to sleep some time. Always great info. Thanks from USA!!!!
Hi great video Very informative Would you advocate getting the slightly higher spec Yubikey with NFC to protect accounts accessed on mobile phones (in addition to iPhone facial recognition) or is the 5C sufficient for laptops desktops etc many thanks
Great video
I always use words or character names from shows I watch the stuff I watch usually isn’t mainstream so most people are blind to the stuff I watch. I make sure to use a combo of uppercase, lowercase, and numbers and some symbols.
Thanks!
I use all things described here except the keys. My laptop has a fingerprint reader so whenever I want to see a password in Chrome or similar Windows 10 will ask for my fingerprint.
UPDATE 2021-11-21: I’ve now ordered a YubiKey 5 NFC (the one with a USB-A plug since most of my devices don’t always have a USB-C port available).
Thanks
Thanks for your support Brian. I hope that all is well with you.
Optimus prime will scan your biosecurities!
He’s more than meets the eye 👁