Yubico Authenticator vs Google Auth vs Twilio Authy - BEST 2FA App in 2024

Подписаться 123 тыс.

Просмотров 41 тыс.

50% 1

Get $5 a Yubikey 5 NFC: www.yubi.co/shannon-2024
Get a Yubikey and protect your accounts! amzn.to/3S8BSLL *
This episode is sponsored by Yubico!
Watch my Passkey episodes here! - • All About Passkeys
play.google.com/store/apps/de...
play.google.com/store/apps/de...
play.google.com/store/apps/de...
Becoming a Morse Code Member by checking out the perks linked here!:
/ @shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
SUBSCRIBE! 🌸 ru-vid.com?s...
TWITTER 🌸 / snubs
Patreon 🌸 / shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
SUPPORT MY WORK
Patreon 💛 / shannonmorse
Buy Me a Coffee 💛 www.buymeacoffee.com/snubs
Shop 💛 snubsie.com/shop
TeeSpring 💛 teespring.com/stores/morsecode
Coupon Codes 💛 snubsie.com/support
Tech I Use & Recommend 💛 kit.co/ShannonMorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
FOLLOW THE SOCIALS THINGS
Twitter 🌸 / snubs
Instagram 🌸 / snubs
RU-vid 🌸 ru-vid.com?s...
Website 🌸 www.shannonrmorse.com
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
TECH I USE AND RECOMMEND
My Kits, Builds, and Must Haves ✨ kit.co/ShannonMorse
My Amazon Influencer Page ✨ www.amazon.com/shop/shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
MY OTHER SHOWS
ThreatWire 🌙 ru-vid.com?sub_confi...
Sailor Snubs 🌙 ru-vid.com?s...
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
GET IN TOUCH
Mail ✈
snubsie.com/contact
Email for Business and Sponsorship Inquiries ✈ Shannon@ShannonRMorse.com
My Media Kit ✈ snubsie.com/work-with-me
Sponsor This Channel ✈ snubsie.com/shannon-morse
Music from 🎵 Epidemic Sound: www.epidemicsound.com/referra...
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
😍 FTC DISCLAIMER 😍
Affiliate links listed above allow me to receive a small commission. Any sponsorships for videos are noted in video and listed in descriptions. Any products provided as gifts are listed above. Thank you for your support!
Comment section code of conduct policy:
Constructive feedback is appreciated, but please leave unproductive, divisive and harmful conversation at the door. Hateful comments are not tolerated, and these kinds of messages will be automatically removed. Thank you for making this community a welcoming experience for all viewers :)
snubsie.com/code-of-conduct

Наука

Опубликовано:

3 янв 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 181

@AAtta-3286 6 месяцев назад

Way to go Shannon! I've been waiting for a showdown with 2FA authenticator's INCLUDING the Yubico authenticator. I use Authy for my home tablet and Yubico for my phone for better security when I'm on the go. I do think you might have mentioned that Yubico authenticator only works with version 5 Yubikey. Love the Yubico authenticator for PURE SECURITY on my phone Enjoy all your videos! Much health in the new year. Anthony

@michaelekpo4011 6 месяцев назад

Learn a lot about Yubico from watching your videos. You still remain one of the best. Thank you Shannon! Happy New Year!!!

@bigjoegamer 6 месяцев назад

I've heard that Aegis and 2FAS are good choices.

@watertrooper 6 месяцев назад

I wish she would have included Aegis.

@MaxMustermann-vy7ur 6 месяцев назад

Raivo OTP is also great and open source

@diegoleonetti2424 6 месяцев назад

I used Aegis in the past but that unfortunately is tied to android phones only. I ordered a yubikey 5 nfc to be independent by authenticator apps

@wop52000 6 месяцев назад

I use 2FSA. I'm happy with it.

@alpacamale2909 6 месяцев назад

Aegis is amazing

@BobCollins42 6 месяцев назад

Shannon, I worry about any discussion of digital security that doesn't address open source. Please don't ignore this elephant in the room.

@musicfan0022 6 месяцев назад

I choose Authy for convenience with multi-device abilities. Too risky for me to not have a backup in case my phone breaks, gets lost, etc. I think using any 2FA app at all is more/better than your average person does anyway.

@JamesDLegan 6 месяцев назад

Been using Yubico Authenticator for years. Love it and feel secure vs Google and Authy. 👍

@Private-GtngxNMBKvYzXyPq 6 месяцев назад

Great coverage as always. Thank you. And feel better soon.

@Scraws 6 месяцев назад

I love the yubico authenticator but it doesn't hold all my keys. It's has such a low limit.

@JAM35_ 6 месяцев назад

google authenticator uses an unencrypted HTTP connection, Google said they'd fix it months ago but have yet to do so. Google Authenticator is also closed source, and unlike alternatives, does not let you retrieve keys to use with a separate authenticator.

@MaxMustermann-vy7ur 6 месяцев назад

Google Authentificator is just bad …

@rainerrain9689 6 месяцев назад

So I can't use a Yubi with google Authenticator?

@JAM35_ 6 месяцев назад

@@rainerrain9689 correct

@rainerrain9689 6 месяцев назад

@@JAM35_ Well that's not good ,so now I have to find a video on how to transfer all my accounts to Authy which does,am I correct ?

@JAM35_ 6 месяцев назад

@@rainerrain9689 are you using google authenticator now? If so, you'll have to generate all new keys for everything, because google won't let you switch from google authenticator.

@cognetic 6 месяцев назад

Why did you not include Bitwarden or Microsoft Authenticator? Are these not some of the highest market share authenticators?

@MaxMustermann-vy7ur 6 месяцев назад

Doesn’t mean the are the best… or even good

@cognetic 6 месяцев назад

@@MaxMustermann-vy7ur Agreed.

@expat64 4 месяца назад

Great question, but I notice there seems to be very little to almost zero Microsoft related content in any of the videos for some reason.

@c.m.7037 4 месяца назад

Microsoft, lol.

@michaelthornes 4 месяца назад

quick tip: if you're storing your passwords in bitwarden, avoid storing your 2fa codes there too, especially for important accounts. you do gain security if the password itself is compromised, but if your bitwarden vault is compromised (eg by someone using your computer while the extension is unlocked), so are *any and all* of your accounts at that point. by keeping your 2fa codes separate from your passwords, you reduce risk of either one being compromised, even if it's a little less convenient at login time. I would always suggest keeping them on your phone, protected by biometrics and a different PIN/password (if someone tries to add their face to face id on an iphone using your unlock PIN, the 2fa app will then reject biometrics require its own to be used again - so that's still safe behind biometrics)

@brianalbertosalomonsevilla534 6 месяцев назад

The promo code is not working! neither is the link above it.

@bradleybratten4436 6 месяцев назад

2FAS is a great open source TOTP app

@audywavy 5 месяцев назад

What app is that in the iOS App Store can’t find it

@bradleybratten4436 5 месяцев назад

I searched “2FAS” in the IoS App Store and it came up as the second choice (1st non sponsored) labeled “2FA Authenticator (2FAS)”

@Damariobros 6 месяцев назад

I like Authy for its end-to-end encrypted cloud backups and syncing, using a separate password specifically for said encryption. I can have Authy on any computer or mobile device I want and it'll sync my secrets between all devices. I also appreciate how it has its own PIN lock and doesn't just rely on the device's Lock Screen code, even if you use biometrics it doesn't fall back on the Lock Screen code. Anyone who might happen to have my Lock Screen code can't then get into Authy and get my 2FA codes.

@MaxPower-11 6 месяцев назад

I agree. Authy has a reasonable set of additional safeguards which makes its cloud function more secure. That’s why I chose it as well.

@The_Nixie 6 месяцев назад

I was in the same place til I moved to a password app that incorporates an OTP generator and passkey functionality. There's argument to be made for separating the password and MFA - but then, i protect my password app with my Yubi ;)

@Damariobros 6 месяцев назад

@@The_Nixie I'm not sure I can trust myself to not lose a YubiKey, so if I get one it'll just be for convenience at my pc, and I'll still have my Authenticator app set up as well. Also if you lose your passwords you also lose all your 2FA at the same time if you have them together. I always have my backup codes and 2FA separate, and if I ever move over to a password manager, I'll have that separate too. Way less hassle if I have to undergo mass account recovery. With Passkeys, I'm waiting until Apple implements Stolen Device Protection before setting up any passkeys so that anyone who has my device passcode, e.g. a family member, can't just use my device passcode to access my accounts.

@The_Nixie 6 месяцев назад

@@Damariobros all true. I generally have multiple yubis + an auth app (for occasions when I don't have Yubi handy) - but no matter how you do it, your comment exemplifies why there should *always be more than one key to any lock. :)

@GengoSenmon 4 месяца назад

They are sunsetting the desktop app in a few days. Major disadvantage. No idea why are they are doing that. Very inconvenient.

@MinhNgo-qj1bt 5 месяцев назад

Hi Shannon, Can I buy 2 same YubiKey 5C NFC with USB-C or do I have to buy 2 difference kind Yubikey like USB-C and USB-A is that matter ? Please advise. Thank you!

@TonyPadgett 6 месяцев назад

I assume that you recommend your Authenticator app be separate from your password manager app?

@TheOpinionatedYouTuber 6 месяцев назад

Coupon code does not work for purchasing Yubico😢

@dexmark5 5 месяцев назад

Do any of these work on the iphone. would it work on linux with Yubikey and windoews 11?

@jmr 6 месяцев назад

If you're using standard Android then Google already has all the stuff the app collects. I just wish it was more clear on backups. I accidentally turned that function on then had to turn it off again. I was a bit annoyed because I don't want that feature. I'm perfectly fine manually updating my backup devices.

@xileets 6 месяцев назад

Edited to correct some info on the OAuth vuln, but also, to say, great video as always, Shannon! And to preface the following, I personally do like my yubikeys, I'm just exceedingly sparing in where and how I use them. Now... Something's been bugging me about 2fa with security keys and passkeys: Technically, if you don't need to input a password or OTP, these are NOT 2fa, and the security is still weak. Especially with the recent research reports of reviving dead OAuth session cookies. its important that everyone make sure not to disable passwords if optional when using a yubikey or other security key or passkey. And if password usage does not persist, its just 1FA. 😢

@Dobbo314 6 месяцев назад

@xileets Doesn't the cookie (stored on the device) count as one of the authenticators? So long as the same device doesn't also have the authenticator app too then any attacker would need two of your devices to breach the website.

@MaxPower-11 6 месяцев назад

How do you figure that passkeys are not 2FA? They satisfy something you have (first factor) and either a biometric (second factor) or a PIN or password (second factor).

@xileets 6 месяцев назад

@@Dobbo314 Correct, however, in some cases you can disable this requirement. And then there are relevant cookie vulns. There's a relevant CVE... Ill find and post below.

@xileets 6 месяцев назад

@@MaxPower-11 my first response was overly complicated. Yes, you are correct, if there is a second factor required. But some implementations allow just the use of a security key with nothing else, and that is not satisfactory on it's own, as some keys contain a single factor: something you have.

@lkfng 6 месяцев назад

I tried the code at checkout and its not valid

@janokartal5690 6 месяцев назад

Nice work Shannon 👍

@MelissaB0999 6 месяцев назад

Love my Yubikeys and their Authenticator. Wondering how to introduce my kids (preteens) to it on their devices, though? Is there a kid-friendly learning curve Yubikey you'd recommend, Shannon?

@Dobbo314 6 месяцев назад

Surely the issue here is to get them to "care" about security. I remember, when she was about 14 (she doesn't remember now she is 25) that my niece came to me asking bout Net Nutrality. She got why Net Neutrality was a good thing -what she didn't grok was why commercialism would want things differently.

@MaxMustermann-vy7ur 6 месяцев назад

Raivo OTP,2FAS?

@markboling5404 6 месяцев назад

Do you have one of these videos on apples keychain

@brianbrumfield3330 5 месяцев назад

Am I correct that if I loose my YubiKey and did not password protect the key then anyone who finds the Yubikey can install the Yubico Authenticator app and view the accounts stored on the key? I bought two keys (YbiKey 5 NFC) and trying to get my head wrapped around how to properly use them before I actually use them. I have the app installed on my iPhone and both keys open the app and that got me thinking something is wrong, where's the security. Nowhere have I heard anyone say to put a password on the YubiKey and I don't see anyway to add or remove keys from the Authenticator App - Still confused.

@utuber1000 Месяц назад

I got the tiniest Yubikey because it looked so cool and inconspicuous pushed into the side of my MacBook but it seems I can't use it because the part that sticks out is so tiny that nothing happens when I try to touch it, so I also bought the flat one the sticks out further but it seems to jiggle around and get knocked askew when I press on it. Any advice would be appreciated. I'm past the return period. I want to make these work since they seem to be the best solution, although I am surprised to not find most financial sites on the list which is the main thing most people want to connect.. Any suggestions?

@jeffhale1189 6 месяцев назад

Thanks for sharing. Blessings on your day!

@God77Particle 6 месяцев назад

💊 Get well soon and Happy New year Sailor Moon Shannon! 🌙

@Zachsnotboard 6 месяцев назад

I mean does it matter ? If it's not Fido2 then it all can have cookie sessions or tokens captured with a phishing link.

@diabeticnomad 6 месяцев назад

Can I attach yubico to my boarded insistence?

@OGSuperNaqash 4 месяца назад

Hello Shannon! This was very informative. I have a query I’m hoping you can answer: How many accounts can I keep a record of on a single Yubikey 5C NFC USB C variant?

@ShannonMorse 4 месяца назад

Depends on the protocol. I haven't hit the limits but here they are from a quick Google search: There are limitations with the YubiKey in terms of supported accounts. It can store up to 25 FIDO2 credentials for password-free logins, two OTP credentials, 32 OATH credentials for one-time passwords (when paired with the Yubico Authenticator), and an unlimited number of U2F credentials.

@OGSuperNaqash 4 месяца назад

@@ShannonMorse thank you so much for replying. I ordered my first pair just yesterday! Your video helped.

@ronald0122 6 месяцев назад

what do you think about Ente?

@shotbyarian 6 месяцев назад

tbh for 2FA i don't see why a yubikey makes sense .. anyone can just tap their phone and have my 2FA keys WITH my email .. compared to my phone where i have face unlock and am less likely to lose it compared to an extra device like a yubikey

@arthurmarek8418 6 месяцев назад

I use Authy, I had Yubikeys but lost one, broke one etc, that's why I don't use them any more. I would be forever looking for my Yubikey whereas Authy is on Ipad, Iphone, Android ohone and desktop, lot's of backup.

@Dobbo314 6 месяцев назад

I have two Yubikeys. One lives on my key ring (with my car key) so it is always in my presence, the other on a lanyard that hangs near my workstation. I think you are doing something wrong if both your keys are not readily accessible. By doing this I consider the chance of losing both keys is as close to zero as i can reasonably make it.

@arthurmarek8418 6 месяцев назад

Yes, I think I will get some and try again because they are the best solurion, maybe get three!@@Dobbo314

@mcpeko5773 2 месяца назад

Great video. I'm trying to transfer my accounts from Twilio Authy to Google Authenticator.

@amoenus_dev 5 месяцев назад

It's good to see some comparison of 2FA apps. But I have to say that the list of apps is far from comprehensive. Okta, Microsoft should be included as they are often used at workplaces

@zetectic7968 6 месяцев назад

Link does not work.

@itsreallyme9291 4 месяца назад

Did you consider privacyIDEA? It's my personal fav. Open Source, all important token types are supported and all data remains in your hands. Basically, you yan create your own 2FA server without being dependent on others.

@Thatcrazydabi 4 месяца назад

Which is best??

@iSucrose 6 месяцев назад

Do you think it's risky for me to be using the authenticator from my password manager?

@ThatNateGuy 6 месяцев назад

It can be, yes. I used to keep many of my TOTP keys, recovery keys, and stuff like that in my password manager, but since migrated them to Standard Notes. By separating them, an attacker now has to compromise both my password manager and SN in order to fully compromise my accounts. I hope that's a useful and satisfying answer to your question!

@reggieregg3799 5 месяцев назад

How does that protect me frm somebody trying to swap my sim card ?

@BlueFlyer83 3 месяца назад

Watching this made me feel even better for buying my wife and I Yubikeys.

@tgleave 6 месяцев назад

The affiliate link for $5 off a yubikey is invalid!

@TheSolarPvP 6 месяцев назад

I noticed that too!

@portman8909 5 месяцев назад

If it has the option for cloud avoid.

@djo5296 6 месяцев назад

is it just me or is the audio left side biased hmmmm had to turn off surround sound for this video

@fredzibulski3111 6 месяцев назад

I'm using Yubikey authentication and Aegis authenticator. Also looked down my windows, pop_OS!, Kali Linux with my 2 Yubikeys. Love your style and videos and all for Yubikeys

@ananamusly 6 месяцев назад

Missing keepass databases 😊 use a separate file only for 2fa

@Rednunzio 5 месяцев назад

Would using the Yubico app have the same level of security as using the key directly as 2FA and not to generate TOTPs?

@ShannonMorse 5 месяцев назад

Uhhh I'm not sure I understand your question. The app requires you to unlock it via a yubikey. When using the yubikey on its own as MFA on websites, it depends on what protocol the websites is using (FIDO U2F, TOTP, etc etc). Time based codes are never gonna be as secure as FIDO U2F since codes can be stolen.

@Rednunzio 5 месяцев назад

@@ShannonMorse using the YubiCo app the codes are generated only if the hardware key is brought close. If I don't have the hardware key I can't do anything. Similarly, if I set the hardware key directly on my account, Google for example, as a 2FA system, no one will be able to enter unless they insert it or bring it closer to the device being authenticated. In both scenarios, security is linked to the hardware key. I hope it was clearer. thanks for the previous reply ☺️

@BrianGlaze 6 месяцев назад

Find you a friend who is dedicated to you how Shannon is dedicated to security 😂

@BrianGlaze 6 месяцев назад

The safest password in existence "chicken"

@Asfgxff 6 месяцев назад

How Shannon is dedicated to ubikey.

@theodat 6 месяцев назад

Is it possible to export my Google Authenticator Codes to my Yubico?

@ShannonMorse 5 месяцев назад

No, you'd have to re authenticate your yubico on the websites you originally sent up 2fa on. You'll need that QR code again

@zhiqiangzhou540 6 месяцев назад

Is there a limit on how many codes can be stored with yubikeys?

@dwsharp 6 месяцев назад

They hold a maximum of 32 codes

@zhiqiangzhou540 6 месяцев назад

Fantastic, so if I more website with 2FA I would need more keys. This is a bit sad.

@portman8909 5 месяцев назад

@@zhiqiangzhou540they will increase limit for yubikey 6

@NelsLindahl 6 месяцев назад

Great video! Next time type in "subscribe" instead of "chicken" as your sample password ;)

@shinjihirako4773 5 месяцев назад

4:00 the app actually is like acting as a viewer for your yubikey hardware where you can view the stored 2fa/mfa. no need for syncing because you already have it in the palm of your hands, imagine it if it has a screen/display you will not be needing the app anymore.

@jmr 6 месяцев назад

Twilio drops Authy Desktop app. Too bad that news didn't come out before Shannon made the video.

@zerokool-2058 6 месяцев назад

Didn't Twilio have a data breach ??

@shapelessbb 6 месяцев назад

Using bitwarden. Is it a bad practice to use the authenticator thats built in to it? Putting all my eggs jnto same basket? I do use yubikeys btw

@ThatNateGuy 6 месяцев назад

@iSucrose asked a similar question above and I gave what I hope was a good answer to it. At the end of the day, it depends on your risk tolerance and threat model. I know that's a common thing for security people to say, but it really is true. 🙂

@mrkmdz 6 месяцев назад

It comes down to what you're trying to protect, and from who. I.E, as @ThatNateGuy states, your risk model. TOTP with Bitwarden is very convenient. But some would argue that putting both your passwords and your TOTP's in a single app and single device defeats the purpose of 2FA. If a bad actor can gain access to your Bitwarden account they get both credentials. But even just using a password manager and an authenticator on the same phone increases your risk if someone steals or impounds (think a law enforcement or border control agency) the device. It doesn't have to be an all-or-nothing decision. I use my password manager for TOTP on low- and medium-risk sites, and a separate authenticator for high-risk sites.

@Dobbo314 6 месяцев назад

@mrkmdz But if you use a Yubikey (or two) to protect your BitWarden vault then doesn't that mitigate the risk? This is what I do. I like the fact that to add my BW vault to a new device requires one of my Yubikeys. And to gain access to BW requires the pass phrase or a biometric scan, so there are always two factors needed.

@mrkmdz 6 месяцев назад

@@Dobbo314 In general, yes. You need your BW passphrase + Yubikey to authorize a new device to access your BW vault. Then you need possession and control of your phone + biometric identifier + a memorized secret (either the BW passphrase or PIN) to unlock the phone and open the BW vault. Both of these processes are protected by at least two strong (AAL2) factors.

@camera7339 6 месяцев назад

I just find the google auth app is very easy. I'm thinking that carrying around a youbikey would just be a way to possibly lose it and not be able to log into sites. I don't let google back up my codes fyi. Thanks for all your work on security, it's very helpful.

@genericdude6551 5 месяцев назад

Is that your natural hair color?

@stevenpugh5412 6 месяцев назад

I wonder how soon it will be before we need authentication apps to access the authentication app. I wonder how soon off retina scans will be or every device has a DNA sequencer built in to verify identity? Like the Enterprise D in the background.

@ErnieBabinski 4 месяца назад

As of March 2024, the Twilio Authy Desktop application will no longer be supported, which means the application will no longer receive updates, bug fixes, or security patches. Users of this application will need to switch to other supported authentication methods to ensure the security and safety of their data.

@kimbapslayer1995 7 дней назад

I can't imagine taking a physical 2fa key with me everywhere I go. Just doesn't make sense.

@ShannonMorse 7 дней назад

Keys? Wallet? ID? A dinky key fits in my wallet no problem. But also cookies keep your phone logged in. Do you have to use 2FA every time you open an app on your phone? Probably not - if anything biometrics allow you to open your secure apps. You're not using a hardware key every day - you use it for your new devices and anything with public access.

@technicalsagarindia 6 месяцев назад

Good Work Shannon. Love from India

@ArionXeno 6 месяцев назад

My Google Authenticator is protected by FaceId.

@MaxMustermann-vy7ur 6 месяцев назад

Google Authenticator is bad

@sunline4910 4 месяца назад

i new well before the end yubico would be the winner cos they sponsored this video , but good vid

@jasonperry6046 6 месяцев назад

Aegis vs Ybico

@salty6pence672 6 месяцев назад

Happy Happy 🎉🎊🎇

@BosleyBeats 6 месяцев назад

More like hoarse code….? Ehhh ehhh? All bad shit jokes aside, get well soon. I just had pneumonia gifted to me by my coworkers and almost died. Not an awesome way to spend Christmas. You rock and get your rest lady!!!

@arkvsi8142 6 месяцев назад

Don't use the ones from google or microsoft, if you do....just don't use anything already

@MaxMustermann-vy7ur 6 месяцев назад

Yeah these two are just bad

@vanoy13 6 месяцев назад

It's 2024, and I still love Shannon's nails

@Dobbo314 6 месяцев назад

But what is up with her hair?!? There is only one tint in it! I'm only posting this because I can remember a post where she bemoans derogatory comments about her tints. What drew me to this channel was her approach to the topics she covers. I like the way she thinks; it aligns mostly with my own; and where we differ makes me reassess my own thinking. I'm not saying that I always agree with her - but her presentations allow me asses my own constructively.