Yubikey 5 - a Hardware 2FA - Is it Useful? - Review 

Rob Braxman Tech
465K subscribers
142K views

Reviewing a Yubikey 5 Nano. I've had this device for over a month and I will show you the pluses and minuses of this device and this form factor in particular. Showing you how this can be used for 2 Factor Authentication as well as other uses for logging in.
Yubikey is a Hardware Authenticator for 2 Factor Authentication as well as having other options for supplying passwords. This replaces the common method of doing verification codes via text or email and intends to simplify 2FA.
In this video I talk about how I put it to use and if this (a) improves the login process and (b) increases my internet safety.
I'm the Internet Privacy Guy. I'm here to educate. You are losing your Internet privacy and Internet security every day if you don't fight for it. Your data is collected with endless permanent data mining. Learn about a TOR router, a VPN, antivirus, spyware, firewalls, IP address, wifi triangulation, data privacy regulation, backups and tech tools, and evading mass surveillance from NSA, CIA, FBI. Learn how to be anonymous on the Internet so you are not profiled. Learn to speak freely with pseudo anonymity. Learn more about the dangers of the internet and the dangers of social media, dangers of email.
Contact Rob on the Brax.Me App (@robbraxman) for encrypted conversations.
-------------------------------------------------------
Amazon Links
Yubikey 5 NFC
amzn.to/2uMEwg2
Yubikey 5 Nano (USB-A)
amzn.to/2HYoUyB
Yubikey 5C Nano (USB-C)
amzn.to/2HXdRFI
-------------------------------------------------------
bytzVPN.com Premium VPN with Cloud-Based TOR Routing
whatthezuck Cybersecurity Reference
brax.me Privacy Focused Social Media - Encrypted Communications

Science

Published: 8 Jul 2024

Comments: 303
@robbraxmantech 5 years ago
Within seconds of posting this video, a shill already put a thumbs down. LOL. If you're a Yubikey competitor, why don't you send me a review copy of your product instead? Zucked up!
@robbraxmantech 5 years ago
Watch my video on creating 2FA without a phone number. That's my alternate factor. Unfortunately registering multiple hardware 2FA's is not universally allowed (example is Twitter). As this video shows, if you have one form factor (USB-A), you will not be able to reuse the same hardware on a USB-C. If you go to the end of the video, my wishlist was to be able to sync multiple Yubikeys.
@varun_chunduru 5 years ago
So you're saying that we cannot use a Yubikey 5 NFC with Android mobile using a type-A to type-C converter ??
@robbraxmantech 5 years ago
@varun_chunduru No you cannot use converters of USB-A to USB-C. Which makes sense because if you can put one of these on a hub, then in theory you can intercept the traffic.
@varun_chunduru 5 years ago
@robbraxmantech Have you tested it? Using Yubikey (type-A) using converter to an Android mobile??
@robbraxmantech 5 years ago
@varun_chunduru Yes of course I tested it.
@chuckbecker8735 3 years ago
This whip smart, honest, humble man is on our side and is working to protect us. Valuable gift to us.
@rameshchhablani7457 4 years ago
A very good description and use of the Yubico Nano key. I am going to buy this key. You answered the many questions I had as I wasn't sure which Yubico 5 to buy. Thanks
@robbraxmantech 4 years ago
Thank you for watching!
@melblacke5726 2 years ago
Thank you for this video. This was extremely informative, very straightforward and the only video I have viewed on this subject that clearly explains the form factors, their names and respective uses and exactly how it might work (or might not work) with a password manager.
@DavidMatthewC 4 years ago
Thank you for making this video. You answered a lot of questions I had that I couldn't find the answers to anywhere else. I subscribed, and look forward to seeing future videos you create! Awesome job friend! :)
@robbraxmantech 4 years ago
Thanks my friend!
@Seanofthemurray 4 years ago
I appreciate your insights. I've been coming across your videos a lot recently as I'm starting to take internet privacy seriously. Byproduct of studying cybersec in preparation to switch careers. Thanks virus!
@jonesjl99 3 years ago
You may want to update this video. I’m researching these now and listening to your video it is outdated. 1 - you can use them with Windows now, 2 - you can use a USB-C to USB-3 converter to switch between devices. They are about the same size as the nano, 3 - some sites allow you to use multiple keys now. Probably not the best security option, but would allow you to have a backup key stored safely away. Good info though...
@stellaandcoop1820 2 years ago
Rob, your video was the best one I found on the yubikey. I found that the static password works great for lastpass master but you can also add your own unique portion you type and then long press the yubikey to have the static fill in the rest of it. Then short press for the 2fa from the yubikey. I got the nano based off your review and it's amazing on a laptop. I got the yubikey 5 nfc as my alternate and works great on anything including a lightning to usb adaptor I already had from apple ... and nfc to my iphone XR. These are cooler than you think because they allow you to stay logged out of password manager and log in quickly when desired.
@Kaffeguy1 4 years ago
Thank you. You cleared up a lot of information in an easy to understand manner. I look forward to seeing more of your videos. I've subscribed. R. Varela
@mrsidtub 4 years ago
I subscribed to your channel. I am using a Yubikey that I just received from the manf., I think that this type of security management is going to be the next BEST thing. I remember when we used some software in a project way back when and it would NOT allow you to use that package w/o the dongle that is what they were called then and I thought it was great and a pain in the ass sometimes because it was used on multiple machines, each needing its own expensive key! Thanks for the in depth review.
@GrowMoneyWithAI 4 years ago
I LOVE my YubiKey 5 (nfc) used for iPhone X and computers.
@Wasko2 3 months ago
I love this guy. Thanks for all you do Rob. Life changing info on every video.
@briianhebert 3 years ago
Thanks for the video! I have tested a USB A to USB C adapter and it worked on my Galaxy phone just fine for use with Yubico Authenticator. I could also use NFC of course but it is a pain to always have to turn on NFC and try to find just the right spot on the back of the phone that will read the key. Also the Static Password is super easy to set up and use with a user defined password, just choose the Scan Code button in the menu instead of Advanced, choose your keyboard type and then enter your desired password then write to key.
@ankersman 1 year ago
This setup works just fine with my Xiaomi 9T phone.
@DKH83 4 years ago
I have the same experience and could live with it and so I have decided to return the product. It also did not work properly with android NFC. I will give this another go if they have fixed what you have mentioned in the last section of your video. Great video by the way.
@robbraxmantech 4 years ago
Thank you. I don't use it much now myself. I'm mostly using TOTP (Authy etc).
@wh3927 3 years ago
Thanks very much for this - I'll look up something more recent too but this was a good intro to user thoughts.
@RussellSmith-nv2je 5 years ago
Thank you Rob, this is a great review
@robbraxmantech 5 years ago
Thank you for watching!
@yeayea8334 1 year ago
0:47 2Fa 3:36 2 specific uses: 2Fa and static password 3:52 Yubikey and 2Fa 6:20 password manager 9:35 Yubikey on mobile phone 10:40 if you lose Yubikey 11:10 Yubikey and burner phone 11:28 Yubikey and computer: how it works 12:22 Yubikey nfc vs nano version 13:56 Yubikey static password vs 2Fa password 15:00 summarize
@demeaningplebny1363 4 years ago
Very nicely done with some good tips and arguments brought out.
@robbraxmantech 4 years ago
Thank you!
@email16v 4 years ago
You did very good to discuss this device and appreciate you sharing your thoughts. I was given one as a gift today. I'm familiar with the devices and found them to be more headaches than it is worth. I use LastPass, change my passwords frequently, and have MFA authenticator setup. For the most part, I think I'm managing passwords well without another device yet, now that I own one, I will do some testing. Who knows, this may be the device my wife is looking for since she gets really peeved when she has to enter her password. She likes the biometrics (fingerprint) a lot and is trouble-free. Maybe she'll want this for her laptop (with USB-C). Thanks again!
@fnd237 4 years ago
Man in the middle attacks are rare but you're not protected against that without origin detection, which YubiKey provides.
@butmunchass 1 year ago
@fnd237 Right on. Man in the middle attacks are actually very common. If you are tech savvy you can usually avoid them but for old/tired/lazy people YubiKey is great. My mother tried to get me to give her a security code that was emailed to me. She was about to give it to a scammer that fooled her into trying to get her to turn it over.
@azenkwed 4 years ago
Very informative, thank you!
@kennb.4169 3 years ago
Thank you for the insights, your wishlist is the reason my yubikey isn't used.
@christineescajeda8167 3 years ago
Thank you for sharing you are very smart Loads of information trying to keep up
@rbotvinik 4 years ago
very useful summary, thank you so much
@antoinetteokeefe3749 2 years ago
WOW this was a really great video review !!
@DMain-tb8ye 4 years ago
The concern about having nfc in the usb seems moot as if you leave the key plugged in all the time - you risk someone just using/tapping the key and entering - this circumvents the advantage of 2FA (something you have rather than just know/password). It should always be kept with you.
@ops70 4 years ago
Excellent review! Thanks!
@ops70 4 years ago
Very detailed video. Thanks!
@clewlem 4 years ago
Thank you, very informative video.
@robbraxmantech 4 years ago
Thank you!
@realhardpolitics-com5124 3 years ago
Agree with your wish list 1000%
@dleivam 3 years ago
Awesome review, not like other sold out biased youtubers that only mention the good things and "forget" the bad, only because they receive free stuff.
@BannorPhil 3 years ago
@ about 17:20 or so: Factually incorrect. I am using my USB C -based Yubikey in my computer with an adapter to fit into a USB A slot. It works perfectly.
@StoicSimp 2 years ago
Interesting. If this is truly the case then maybe some adapters have compatibility issues while others do not. And maybe Braxman happened to have an incompatible one? I also have an adapter that I may try out. Not sure if there would also be a security concern in the case you buy some shady 3rd party adapters off like ebay that happen to be harboring malicious software.
@BannorPhil 2 years ago
@StoicSimp My adapter is a standard, plain USB-C female to USB-A male adapter - it's even smaller than the Yubikey (but a bit thicker).
@huestifer 3 years ago
You can duplicate the Yubikeys, I have done this for years. At 10 minutes the video says you can't have two identical Yubikeys that are synced on two different computers. You should use the Yubikey configuration tool. You can wipe the Yubikeys and make them all the same.
@jacklewis100 2 years ago
When one changes (i.e. you add a new account), do you have to bring them back together to re-sync. them ? i.e. I can't have one in LA and one in NY permanently...I'd have to fly one to the other every time there's a new account ?
@huestifer 2 years ago
@jacklewis100 It doesn't work that way, you don't have to change the key configuration every time you add a new account. The keys are made identical if you want using their configuration tool. Then you can give two or more people no matter where they are a key. They all have the same level of account access. You just keep pairing any one of the keys to each new account you make then they all will work with that new account.
@jacklewis100 2 years ago
@huestifer Ah... so the key doesn't actually store any accounts - it's the accounts/web services which become aware of the permitted keys! Thanks. That makes a lot more sense.
@sophiesmith5922 2 years ago
@jacklewis100 There is also a corporate version of the yubikey that allows you to control logins to a corporate server, for example. They also have tools that allow businesses to create more than one key at a time for a large business enterprise.
@Quinqx 3 years ago
Anyone who uses a Yubikey with LastPass; LastPass allows you to register multiple keys. This allows me to have one key in my private laptop and have a separate (NFC enabled) key in my bag when I leave home without a laptop. It also gives me the ability to access my personal vault when on business travel with just a business laptop and business related Yubikey. When it comes to using a hardware key with KeePass, I really never used a browser plugin but just used Auto-Type function to fill the username and password fields. In case someone would like to use that combination, try it and see if that's what you were looking for.
@waynestewart1919 3 years ago
You can register a second physical key. It is great as a backup in case of lost/stolen or damaged keys. (And if you get two different USB types then that solves this issue.) (btw NFC authentication doesn't work with most mobile browsers. Apps only.)
@uniquechannelnames 2 years ago
Not every site allows 2 keys. But you're right it only makes sense to allow 2 for backup reasons.
@crabsodyinblue 3 years ago
I got me the 5Ci, with a separate USB-C to USB-A adapter (€12) to use it on mac, iphone and windows machine
@daixtr 4 years ago
Helpful review, I learn a lot. It sounds complicated. It can only store one password? If it is lost, what are the steps to protect ourselves, is there a revocation process?
@shtumpa1 3 years ago
You can register more than one USB key to an account and for 2fFA APP you can assign more than one key..
@martinlutherkingjr.5582 3 years ago
What is “2fFA APP”?
@gabeg.4583 5 years ago
Nice in-depth review, and dispelling common myths. Here is what I'm wondering: For any account that has a backup 2FA SMS enabled, isn't that still the weakest link in the security chain?
@robbraxmantech 5 years ago
It is and I hate the use of phone numbers for many reasons to begin with. I have another video on doing SMS 2FA without a phone number. Is that any better? Better for privacy but someone with access to SS7 hacking can intercept the SMS. The better backup is TOTP (Google Authenticator or Authy).
@StevoDesign 1 year ago
Consider using a number tied to a web service like Google Voice no SIM card, this can make it on par with email OTP in terms of security since someone would need access to your Voice account instead of just being able to scam your carrier into spoofing your sim card.
@jmr 1 year ago
I've been using them since 2017 for online verification and always been able to use multiple Yubikeys with EVERY service that supported them. In fact a minimum of 2 has always been RECOMMENDED in case one is lost or damaged. I question the management of any service that allows 1 but not multiple Yubikeys. I have also been using USB A to USB C and Micro adapters for phone and tablets. If adapters didn't work for you that incompatibility was elsewhere.
@livewire98801 1 year ago
He's conflating WebAuthn and/or FIDO2 with YubiOTP. There are services that only allow one YubiOTP entry (though Lastpass allows up to five, so it's not a technical limitation), but any that use them as Fido(2) / WebAuthn allow and even recommend setting up more than one.
@antonygoedhals6272 3 years ago
Hi Rob, you can in fact use the series 5 usb A on a USB C computer, with a converter dongle.
@sophiesmith5922 2 years ago
Rob, leaving your key plugged in leaves a physical security risk as a person could clone the key, given time and physical access. Most people don't worry about this at home, but having had a PI break into my house (your home is not nearly as secure as you think!) I learned to not assume anything. Bathroom break at home, ok. Leave it when you go to work...nope!
@wildmanjeff42 2 years ago
Thanks for the video!
@jeremymarquart1065 2 years ago
Hey Rob, thank you!
@thelongslowgoodbye 3 years ago
Rob, they make a combination Yubikey which has both USB-A and USB-C connectors on the one Yubikey. Moreover, you can program/clone more than 1 yubikey so it shows up as the same key across multiple devices.
@petrslavik4356 3 years ago
Can you provide a link please? I found only combination of usb c and lightning
@uniquechannelnames 2 years ago
Sooo if I'm getting this right, if I had 2 yubikeys and say yubikey #1 was used for my Google account. If I clone the 2nd yubikey to be identical to the 1st, and then lost yubikey #1, I could use #2 in its place for logging in?
@livewire98801 1 year ago
@uniquechannelnames You can't clone Yubikeys. But you can register more than one.
@digitalfuturego3588 5 years ago
Perfect review
@robbraxmantech 5 years ago
thank you!
@mikemcgrath3814 3 years ago
@10m00s: You can only use one device with one key on one account. You can't sync multiple different form factor Yubikey's and access the same account via different hardware. Uhh, okay, wow. Thank you for saving me the time and effort!
@Runenaldo 3 years ago
It's not true, you can set up multiple keys to the same accounts and have them as backups, I don't know where this man got all his misinformation from..
@andrewwood1900 3 years ago
Love your videos, I more or less figured out quite a few of the same concepts myself over the years - the only thing I'd say is there's a lack of open source since I think the 3 - neo, and for all the RF stuff they offer, I'm sure a capable chap such as yourself could brush past a phone with near field switched on (for these keys and their convenience) and steal a bunch of creds from the phone concerned. If you build one of those and go to a concert you can walk out a millionaire... Other than that, I do like the things, just switch off NF on your phone.
@sophiesmith5922 2 years ago
It would be extremely close and obnoxiously noticeable. Less than 3 inches, and you must also tap the yubikey button to trigger it. Don't try this near someone's back pocket. If they step back slightly and touch your hand, you may end up being charged with groping and wind up on a sex offender registry. Yes, NFC is that close.
@flynntsang 1 year ago
Assuming one could get close enough, how exactly would an NFC-enabled hacking device steal creds from a victim's phone? The two devices need to be configured to trust each other first, no?
@AnthonyDomagas 5 years ago
Great review. Do you know if the USB C key has the option to configure 2 static passwords. BTW have you figured out how to configure your own static password?
@robbraxmantech 5 years ago
I don't know if they've changed the software since but at the time I made the video, you can only configure one additional use (static or TOTP). The way it works is by touch time. If you touch it for a few seconds it is mode 1. Longer (10 seconds or so), then you get mode 2. So if you use a Yubikey for static only, in theory you can get 2 static modes. Or 2 TOTP modes or any combination of 2.
@DQ940 3 years ago
You can use multiple yubikeys. You should have a backup because if you want all the benefits of using a secure key then you ought to be turning off other weaker methods of authentication like cellphone/mobile authentication.
@TheYoungerSemiOldMan 5 years ago
I appreciate the videos, and no, you don’t have to make them shorter. I watch them as you go into depth which is what we need to understand it. I have questions: 1) I bought 2 yubikey 5 NSD 2) outlook live was tested first and worked fine after it asked to create code 3) added 2nd and was fine 4) tried google, failed 5) tried in chrome, failed with endless spinning until it gave a message stating it needed to be plugged in 6) restarted computer, gmail failed again to sync with same errors 7) I have never found anything that explains how many emails you can apply 8) I haven’t found anything that wipes the whole thing to start from scratch or updates that don’t require intense DOS style script for each “applet” where directions are difficult to follow 9) support to LastPass and yubico has been sent and have gotten zero responses 10) how far am I off? Is it a software thing? I saw a video where the thickness of the usb section varied and could be part of the problem, no? Thanks in advance.
@robbraxmantech 5 years ago
That's a long list! LOL. There's a lot that you didn't read. For example, Lastpass only supports Yubikey using their Premium version. But I don't use TOTP with Lastpass, I just use it as a master password. Which requires some setup. There are always ways to disengage TOTP from any of those websites. Just remove the 2FA and start again. Many websites don't allow two TOTP devices. If it failed, try it again, something didn't get processed right. For example, if you tap on the device too long. It should be a brief tap. A long tap is considered to be the 2nd mode (which is for a password).
@Retro6502 4 years ago
I don't see them giving the ability to sync multiple keys. That would be a security issue because it would make it possible to clone them. The whole point behind the secure element is that it can't be read/replicated once it's manufactured. They could create duplicate physical keys in the factory, and maybe that's something they should offer (like a set of 2 identical keys) but it would really reduce the security if they could be altered after manufacturing.
@marcespina1 4 years ago
Not true. You can use two keys at the same time. I have both the nfc YubiKey and the 5ci YubiKey. Whenever you set up 2FA, you get a QRcode from the website. You just scan the code with the YubiKey app, swap your key, then scan it again. Now both keys will have the 2FA codes.
@youtuveunvideo 4 years ago
@marcespina1 What Retro is saying is of course true. He is saying that a private key should never leave an HSM. You are saying that several public keys can be registered as authorized keys to access a service. So you are both right, you are just talking about different things.
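Added example (not part of the video or of any comment): the TOTP case from the replies above, where two keys enrolled from the same QR code hold one shared secret, so the service cannot tell them apart and losing one means rotating the secret on both. It uses the RFC 6238 test secret; the `Authenticator` and `Service` classes, the account name and the replacement secret are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over an 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the clock."""
    return hotp(secret, unix_time // STEP, digits)


class Authenticator:
    """Stand-in for one hardware key's TOTP storage (hypothetical class)."""

    def __init__(self, label: str):
        self.label = label
        self._secrets = {}

    def enroll(self, account: str, b32_secret: str) -> None:
        # The QR code shown at setup carries this base32 secret.
        self._secrets[account] = base64.b32decode(b32_secret)

    def code(self, account: str, unix_time: int) -> str:
        return totp(self._secrets[account], unix_time)


class Service:
    """Stand-in for the website: one shared secret per account."""

    def __init__(self):
        self._secrets = {}
        self._last_step = {}

    def provision(self, account: str, secret: bytes) -> str:
        # Re-provisioning replaces the secret, so every enrolled key must re-scan.
        self._secrets[account] = secret
        self._last_step[account] = -1
        return base64.b32encode(secret).decode()

    def verify(self, account: str, code: str, unix_time: int, window: int = 1) -> bool:
        secret = self._secrets[account]
        now_step = unix_time // STEP
        for step in range(max(0, now_step - window), now_step + window + 1):
            if step <= self._last_step[account]:
                continue  # refuse codes from a time step that was already used
            if hmac.compare_digest(hotp(secret, step), code):
                self._last_step[account] = step
                return True
        return False


def demo() -> dict:
    service = Service()
    qr = service.provision("alice", b"12345678901234567890")  # RFC 6238 test secret
    nano, nfc = Authenticator("nano"), Authenticator("nfc")
    nano.enroll("alice", qr)
    nfc.enroll("alice", qr)  # same QR scanned a second time

    t = 59
    identical = nano.code("alice", t) == nfc.code("alice", t)
    first_login = service.verify("alice", nano.code("alice", t), t)
    replayed = service.verify("alice", nfc.code("alice", t), t)

    # The nano is lost: the only revocation is a new secret, re-enrolled on the backup.
    new_qr = service.provision("alice", b"constructed-new-secret")
    nfc.enroll("alice", new_qr)
    later = 1111111109
    lost_key_ok = service.verify("alice", nano.code("alice", later), later)
    backup_ok = service.verify("alice", nfc.code("alice", later), later)
    return {
        "identical": identical,
        "first_login": first_login,
        "replayed": replayed,
        "lost_key_ok": lost_key_ok,
        "backup_ok": backup_ok,
    }


if __name__ == "__main__":
    print(demo())
```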
@six10kenny 4 years ago
Thanks for the vid Rob. I have been researching tightening up my security in all areas, and considering Yubikey as well. I like the idea of using it as a static password for my Mac as well, though it comes to mind that if you were to leave the nano plugged in, or your yubikey around, and someone managed to get physical access, in the event of a theft, break in, or confiscation, which I have heard is happening more often at airports now so they can access all your data. But that's a story for another day. Isn't this leaving you very unprotected? Seems it would make accessing your computer and files even easier.
@robbraxmantech 4 years ago
I would only use a static password case if I were sure of my physical security like at home. I wouldn't use it in an open work environment.
@KevinJohnsonIstMein 4 years ago
You can also use the static password and add your own extra characters to the end of it for better security.
@starshine_Ultra 3 years ago
I use the yubikey usb a and usb c with their own converters to switch with computer and mobile, it is best used with 3.0 converter that will make it work. If using the standard converters that aren’t 3.0 then it doesn’t function properly.
@andrewwood1900 3 years ago
The other thing I'd add is I agree don't buy two - the marketing is that if you lose your first one you're stuffed - but if you're concerned and want to start out exactly where you left off - these are factory produced things, so all you do is with Yubikey #1 - get the hexadecimal crypto stuff from the manager, print it off and shove it under your floorboards and hope you never need it - but if you do, just buy another one and put the same hex data in. pwSafe is a good password management option to use with, it'll do PK authentication so with your long password in the regular box it's pretty much unbreakable as it's 256AES
@ifodaniell 4 years ago
If you're going to use the static password facility of the key, you should have a prefix that is NOT on the Yubikey that is appended by the "fixed" password stored on the key in case the Yubikey is lost or stolen. In other words, if the static password is "hd7QWh%^87hd", then make your "master" password something like "6592" (typed by hand) + "hd7QWh%^87hd" (activated by the Yubikey).
@robbraxmantech 4 years ago
Nice idea
@sophiesmith5922 2 years ago
very smart! Prevents access by device cloning. 😎
@sbinvllc2252 3 years ago
Does the Yubikey have upgrades to the software? Who controls the software updates? I know this seems to be the best option in the market but I am always trying to see any possible vulnerabilities. No, I wasn't born skeptical, well, maybe I was.
@andre1987eph 2 years ago
Thanks good review
@garykray 3 years ago
I appreciate your review. Does it work with Yahoo?
@Gokturk4Life 2 years ago
you can use OTG to convert USB to USBc or LIGHTNING
@Alexandru642 4 years ago
Hi, I bought a yubikey not long ago. I can't set it up on binance and they required me to add a PIN manually. Now I am concerned about that PIN, whether it couldn't be taken by phishing. Is it actually saved on my yubikey or is it just a PIN which is used before, and when I press the yubikey device it generates another code? Many concerns about it, please somebody HELP! Thank you
@rotflol6666 1 year ago
the USB-C with an USB-C to USB-A adapter solves your problem, also most apps/accounts support a second / third backup key
@mr.amsterdam2063 1 year ago
Video already cpl years old, he also mentions the hardware should change maybe every year.
@LWRC 5 months ago
As this type of 2FA devices offer some level of security, it brings a whole host of inconveniences and other issues. I think I will stay with my existing security protocol with very strong password management with 2FA and leave it at that!
@millanferende6723 4 years ago
There should be an adapter over the top of USB-A, that can be USB C or Micro USB. This way you have all of them.
@mikenazarof3212 3 years ago
Sir, in your opinion do printable backup codes make an account protected with security keys more vulnerable? For example, Google back up codes are only 8 digits.
@sophiesmith5922 2 years ago
It's not the code length. It's that if someone manages a password heist and logs in once, they can copy codes and use them in place of 2FA and lock you out of your account if they so choose. I had my comcast xfinity account hijacked by a PI due to their poor security practices. I then had 2 different gmails hijacked that were used to impersonate me while I am locked out of them. That is beyond the scope of a normal PI, it's just creepy, but consider that in order to do that job you have to have no ethics anyway...
@1docwebb729 3 years ago
Have you looked in to ellipal titan let us know if they will comp you one for a review on a new video, thanks great content.
@TaximanGlen 2 years ago
My Yubikey is of USB-C form factor and I simply use a C-to-A adapter to make my key fit any device I may use.
@d-boy1644 3 years ago
Great explanation ✅✅✅
@eganzale 2 years ago
Do you know if consumers can use the 5C FIPS series keys? I'm wondering if the regular 5 NFC series differs from the 5 FIPS series other than the added level of security on the FIPS. I ask because I'm wondering if let's say you want to secure your gmail account with the regular 5 series, can you also do it with the 5 FIPS series? Or are most accounts the average user utilizes only compatible with the regular 5 series and not the FIPS series? If I can still use the FIPS series that has government level 3 encryption vs. the regular 5 series, which only has level 1 encryption, then I'd rather just make the investment and pay slightly more for the FIPS version and get added security but I'm not sure if it's ONLY for government use or can regular consumers use it too and for the most part it would still function like the regular 5 series but with the added protection? Thanks for making your content, it's valuable in today's digital world 👍❗
@eibmoz76 4 years ago
I didn't quite understand. Does the YubiKey 5 Nano work on Windows 7 and which browsers are compatible, like does it work in FireFox and Brave?
@robbraxmantech 4 years ago
A Yubikey works by emulating a keyboard. It's really simple technology if you think about it. Thus it is compatible with everything
@GiC7 4 years ago
Thanks
@robbraxmantech 4 years ago
Welcome
@fabriglas 2 years ago
Can the clipboard be compromised or reviewed afterwards?
@TH-oh8cw 5 months ago
This is mostly old information. For up to date info on yubikey look at more recent videos. In 2024 things have changed regarding this security key and points made on this video.
@ISKCONRigaTemple 4 years ago
Your review lacks demonstrations for completeness. But overall good review, thanks.
@GeneBasler 3 years ago
So wait a minute you’re cool with using AWS for your cloud storage? I’m trying to move away from them as much as I can because if there is Susie as him about the surveillance state
@JeffSmith03 3 years ago
There is good reason why you cannot sync or copy to another key, and likewise you cannot copy the same to Google Authenticator. If you could, it would make this whole thing useless because the hacker or someone with momentary access to the key could just steal everything without your knowledge. Instead just add your backup key as a second device to unlock your account.
@musiceditor7083 5 months ago
Do sites where you use a Yubikey store data about your fingerprint if you use a biometric key/ phone if you use an NFC key? i.e. would Amazon be able to see your fingerprint/ IMEI of your device if you were to use these keys to log in? Also, does Yubikey themselves collect any sort of data via these keys?? Heard a lot of these 'third party authenticator apps' mine a bunch of personal data. LOVE your vids Rob. Greetings from the UK!
@liarborisjohnsom4136 3 years ago
Hi Rob, I have the yubikey 5C and 5NFC. THE YUBIKEY 5NFC works fine on my laptop but the Yubikey 5 C does not work on my Samsung Tab A nor my Samsung A40 Smart phone, it either takes too long to load or does not recognise my Yubikey 5c at all. I am a disabled person who uses social media often and I desperately want to use Yubikey on all my devices. Best wishes from UK.
@zacheray 4 years ago
I’m not sure you accurately described how it works according to a video explaining the U2F protocol. The device does more than act as a simple keyboard macro, according to other sources.
@oyhchris 2 years ago
Good review
@vidarreturns8632 4 years ago
Just using any Password Manager would be a 10000% security increase for most people
@nathandrake981 4 years ago
What’s the best one? LastPass? BitWarden?
@conall5434 4 years ago
@nathandrake981 Generally Bitwarden would be considered better as it is open source, meaning anyone can inspect the code.
@encrypt3d587 3 years ago
@nathandrake981 I use Bitwarden so I'm biased, but it's a great program and I see no real reason why you should pay for a password manager. Definitely go with Bitwarden.
@goldbrick2751 3 years ago
Great video, what happens when I lose my Yubi key stick that I have on my keychain with all my keys, am I stuck then to use my computer?
@moneyrulus4883 3 years ago
You can have a second yubikey, with the same TOTP or the same U2F... It is like what you are supposed to do with your hardware wallet.
@saygday 3 years ago
2FA is a second method of verifying your login details are correct, not necessarily your identity.
@Wade_NZ 3 years ago
Do you have any password manager recommendations?
@percyfaith11 2 years ago
Some apps and websites do allow for registering more than one yubikey. This is handy for having a back up yubikey that you can store.
@thegolflife7565 4 years ago
What happened to Everykey? It was supposed to do everything from login to your MacBook to start your vehicle but it never did either...
@robbraxmantech 4 years ago
The industry has standardized into FIDO2 and a specific implementation of TOTP. Same with the TOTP apps like Authy and Google Authenticator. So the old auth methods just didn't change. In many ways, the hardware approach is a pain so I tend to use the software version more (Authy, and Google Authenticator).
@AA-gw6wd 3 years ago
In another video you asked why is everyone so interested in Bitwarden now? I would like to suggest, although I may be wrong, that is possibly because the recent surge in interest in crypto currency and hence A. Antonopoulos's channel and in his Ledger Hack/cyber security videos they mention Bitwarden as one of the main open source password managers.
@brianhoskins1979 3 years ago
You'd think that a fairly simple solution to USB-C / USB-A would be to have both types, one at each end. Then you use whichever one you like.
@JeffSmith03 3 years ago
Which I thought they did, but that was 5C and Lightning (Apple)
@georgetorres4158 4 months ago
Hello Rob, I realize this video is 4 yrs. old, I just want to know if you have any new opinions on yubikeys? I.e. are they reliable, user-friendly and most importantly which brand you can recommend. Thanks
@nikenbole 3 years ago
You said you only can register one key at a time and u need to use either usb-c or usb-a. But I just got two yubikey 5 nfc usb-a version. and the services I've tried so far have let me register both keys and it worked on my phone both with nfc and using a usb-a to usb-c adapter. Did u mean the adapter is a security flaw maybe?
@robbraxmantech 3 years ago
This is an older video. This has been changed.
@nikenbole 3 years ago
@robbraxmantech ah :) damn fast response btw. 🤘🤘
@spartyzik 3 years ago
If you leave this in your computer and step away, can't I pop it in my computer, steal your master password, and put it back?
@LimitedWard 3 years ago
At 16:19, I don't think this statement is quite accurate. For websites that support U2F (e.g. Google) or Yubico OTP (e.g. LastPass premium), you can configure multiple Yubikeys for the same account. Similarly for OATH OTP (which is what app-based 2FA uses), you can configure multiple Yubikeys for the same account by registering the same secret key multiple times. The easiest way to do that is by using the Yubico Authenticator app, which works just like other 2FA apps, but stores the secret keys on your Yubikey. If you want to be able to add additional Yubikeys for 2FA later, you can take a screenshot of the QR code, print it out, and store it somewhere safe. Obviously that's not super convenient, so ideally more websites will support U2F and FIDO2 in the future.
@felixaudet5860 4 months ago
It would be nice if you could do an update on that. So many sites now ask to take a pic of an on-screen QR code, as a 2FA method, can this be done with the Yubikey and is it as safe?
@waydav1s 2 years ago
I don't know about a PC, but I AM able to use USB-A to Micro converter for the Yubikey 5 on my Samsung 10 tablet. -->CableCreation Micro USB 2.0 OTG Cable Flat On The Go Adapter Micro USB Male to USB Female for Samsung S7 S6 Edge S4 S3 Android or Other Smart Phones Tablets with OTG Function 6 Inch, Black ON AMAZON
@jerseyjim9092 3 years ago
I mostly use another email as my 2FA. It's a pita but judging from the comments it sounds like yubikey could be a bigger pita.
@carpdog42 3 years ago
I have been using a yubikey daily for years; they really are nice. This video doesn't cover all the features; and the best ones are for holding gpg keys. Generate them offline, put subkeys on the yubikey; then password store can just be gpg encrypted files. There are even front ends for doing this called "password-store" - much better usage than the "fixed password" use; I have that totally disabled. GPG is a much better password manager
@fredflintstone4087 2 years ago
If you said most systems default to email or text when you lose the key then how safe is the key if email or text can be hacked? I would think it should be key or backup key or nothing. Please let me know how to protect against a hacker that can claim they lost their yubikey?
@catsupchutney 3 years ago
I'm pretty sure google lets me use multiple FIDO U2F keys.
@zerokool-2058 4 years ago
Does it work with your bank website? Can you set it up to sign into your laptop?
@robbraxmantech 4 years ago
That's a decision for every website to make.
@martinlutherkingjr.5582 4 years ago
If the websites you use Yubikey with can just fall back to SMS or email then is there any real security advantage to using a hardware key apart from phishing attacks if you are careless and end up putting your OTP into a fake website?
@robbraxmantech 4 years ago
OTP doesn't work like that! It's 'Time-based One Time Password' (TOTP). Cannot ever be used again. Only the company that has the original private key can validate it. You can pass multiple TOTP results to anyone else and it's meaningless.
@martinlutherkingjr.5582 4 years ago
Rob Braxman Tech I’m referring to a phishing site where someone enters their password and TOTP. If the website doesn’t require a new TOTP for disabling 2-fa someone can hijack your account (if they are inputting the information into the real site immediately).
@robbraxmantech 4 years ago
How would the phishing site know you have a Yubikey? Next, if I were to do Phishing, I'd just accept any password since one of the things I want to collect is the password. Then I will ignore the TOTP since I don't even know it exists. Then I present the fake website. TOTP is not even connected to this story. It has to do with knowing what you're clicking.
@martinlutherkingjr.5582 4 years ago
Rob Braxman Tech My original comment was referring to one of the pitfalls of TOTP/Google Authenticator. It appears prevention of phishing attacks is the only advantage I can see of a yubikey from my limited understanding of the device. This is why Binance doesn’t allow withdrawals within 2 minutes of logging in so that you are forced to use a new TOTP code for withdrawal.
@robbraxmantech 4 years ago
It's a different issue when you talk about how someone might hack 2FA with SMS. So if you allow a downgrade to SMS, then you can intercept the SMS with SS7 attack on SMS, or if you've prehacked the email, through email. The downgrade attack is an issue even on security of LTE. But without the ability to downgrade, then the usability is a problem. So yes it is not perfect.
@flolou8496 3 years ago
Is there a way to protect your crypto if you've made a mistake and used a wallet from a wallet provider who are the scammers themselves? Is there a way a Yubikey can protect you in this case? I don't think they stole my crypto using a Trojan keylogger to gain access to my password for the wallet, but if the wallet providers themselves just randomly steal from the wallet user base, can a hardware device like still help?
@aimgoal8273 3 years ago
How about DigiID, Is it safe to use???