[Explained] Using Yubikey as a Secure Password Generator

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
by techno man here and we've all done it you've got to go sign up on a website and you put in a password and you have to remember it so you put in the same password that you've been using for the last 500 years which is why you're a security risk well in part 2 of our series on security specifically using the Yubikey I'm going to show you how to configure you Yubikey to create on-the-go super secure passwords that are going to be super easy for you to remember we're gonna cover that and more today in this episode of the hi-tech Nomad right after this when the technology team we were all very very afraid it all happened so fast so very very fast it was so confusing we thought we would never figure any of it out [Music] and then one day a man decided to help us fight back someone who travelled the world to help us someone who understood the technology someone to show us how to make technology work for us he called himself the hi-tech nomad woohoo I don't know if you're excited but I'm excited you guys have been with me some of you all the way through the first video and we're coming up on our 100th video which will be in probably about a week or so from now we're gonna have a big premiere we got a really big big episode coming for that one so make sure that you get that make sure you click the subscribe button we're gonna actually do it as a premiere and there's gonna be lots of good stuff in it we're gonna be giving away some UV keys and just we're gonna have a fantastic time all right let's get into it the average user has six passwords or variations of them like cat dog cat dog one each of which is shared across multiple websites so let's say you've been using the internet for a couple of years that means you may have as many as a hundred and fifty different websites that have stored versions of your passwords now many of these websites you might not even use anymore for example when's the last time you logged into my space sorry MySpace but chances are the password you used for some old forgotten website is still a password that you use for something else and it might be the password that you used for your bank account or your office mail so here's what happens over the period of time every time you go to setup a website you're in a hurry and so the first thing you do is use the same username and password that you've been using over and over again if you use LastPass that there's a couple of nice utilities this ination totally new that has it will actually scan your computer and pull in all the passwords and you'll be surprised how many passwords are actually sitting inside of your now what you're looking at is something from a real person and what we see is is that 23 of the websites that this person uses we know have been broken into so there's 23 that we know without fail they really should change the password on those but the more scary number is coming up on the left which is that out of a total of a thousand nine the same password 491 times that means if they get broken into on one of those sites I would now be able to use that web that password to unlock 490 other web sites that this person uses and I guarantee you some of them are financial ones or ones that they mean obviously their pet their website you don't want people getting into them so how can we make it that we can quickly come up with a password without using the same password over and over again how do we break ourselves at this bad habit well Yubikey has a really nice feature that we can use to create on the fly strong passwords that are super easy to remember let me show you how to do it so I'm going to show you how you can personalize your Yubikey to achieve that really quick password really quick secure password so you're going to go and go to the yubico website and download the Yubikey personalization tool now when you open that up and my key is already inserted you'll see it says these are all of the features that are supported and again the Yubikey doesn't just do this the difference between the Yubikey and things like the google key the Yubikey supports a lot of different things whereas the Google key which is good but it only really supports like one or two or three things this allows you to make changes like we're changing right now so we're gonna go to a static password that's a password that's gonna be embedded into the key and we're gonna go to advanced now I'm gonna say this like three times so that you don't make any mistakes use configure slot to use slot to slot to and the reason for that is slot 1 is already used by a bunch of stuff and you can mess things up if you use slot 1 so the first thing you're gonna want to do is click on slot 2 got me done okay it will create a we're gonna use these little generate buttons to create a really cool long password that we're going to use together with our own little thoughts to create a really good secure password so that way we can come up with one that's really quick but we don't have to think about it so it can be up to 32 characters or more but we're gonna want to add our own stuff so we're gonna just say 16 so it's gonna take whatever we give it plus these 16 characters so we're gonna have a nice long password so we're gonna go ahead and click generate so we get some random piece here we're gonna go ahead generate so we get some random piece here and then this is important we want to be able to recreate this so that you if you have more than one key you have the same configuration on both keys or all three keys or whatever you have so once we generate this effect I'll hit generate a couple more times just to get a really random one I'm going to take these two lines of code and I'm going to take them and I'm going to save them and the reason being that if I ever need to create this again this weird password again I can I'm gonna I'm gonna save this as Yubikey master key I'm gonna say take this princess out save it and then if I ever need to do it again instead of hitting generate I can just cut copy and paste these back into these windows and I will get that configuration does that make sense so you want to save this so that you have it so again slot two I'm going to unprotected serial number even leave everything else alone and we're gonna go ahead and we're gonna click on right configuration now it also is saying it's gonna come up and say Charlie I saw you just did your configuration you want to save this just in case and so I will just save this just in case so now we have a unique 16 digit a 16 character password that is in that key now the way that we get to see what that password is is by putting our finger and holding it on the key for three seconds okay so this is our unique 16 character password that is hard-coded into our Yubikey and since I have more than one Yubikey I would do the same thing but in this case I would do the cut copy and paste of this so that both keys whenever I push and hold the button on the Yubikey for more than three seconds it'll spit out these 16 characters now while you might be tempted to just use these 16 characters as your password Nene we're not going to do that we're gonna do that in a unique way so let's take a look at how and you want to save this by the way just again keep it in the same file and I'll show you now how we're gonna use it when I say Disney what's the first thing that you think of okay so obviously for all of us it's gonna be different all right so for example when I say Disney the first thing I think of is Winnie the Pooh so I'm my password so when I get ready to make a password for the Disney site I'm gonna type in P oo H and then add that to the end and I add that to the end by simply putting my finger on my yubikey and holding it for three seconds and that will add it to the end so now I have this super long password that's easy for me to remember because the next time I go back to the site I just type it says what's the password I type pol H I push and hold the Yubikey and Bob's your uncle I now have a long password let's go to another website let's say we're at Fandango we're gonna go you know where we're gonna order movies so when I say Fandango what's the first thing that you think and again it's gonna be different for every person I think of green for green lantern and so I type in green land for a green for green lantern I push and hold the Yubikey and Bob's your uncle that is now the password for my Fandango site okay so now I have two different distinct passwords for each website but as long as I pick the first thing that comes to my head I will never ever have a problem clue when it the Disney Pooh okay Fandango green so I put in very simple pot and even if they break into either Fandango or the Disney all they're gonna do is get this pad word password which is unique to that site and even let's just even say they got into Fandango and into Disney and got these two passwords they still would have to figure out well how am i picking it they have no idea how I'm picking these let's say I go to Netflix okay what's the first thing you think of when you come to Netflix now obviously you don't want to type in Netflix but you get what I'm saying even if now you have no idea what I'm thinking of right now that I would use for Netflix so even if you knew it was something plus all of this still wouldn't help you so this is a way to use Yubikey so even if you don't use LastPass if you use the Yubikey in this method with what I just showed you with this second configuration you will end up with unique passwords for every single one of your sites and never have to worry again that's gonna do it for part two there's a part three and apart for there's a lot to cover with security I really appreciate you guys hitting the like button hit the subscribe button and the comments you guys I asked you guys if this is what you wanted to see and you said yes and so we're gonna just keep again we have the 100th episode coming up soon and that is gonna be something really special plus I'm gonna tell you about how you can see some additional videos that will not then be available on youtube but only to you guys who are subscribers and that's a little thank you because you guys have really been very supportive so until the next time this is the high tech Nomad signing out [Music]
Info
Channel: TheHiTechNomad
Views: 59,625
Rating: undefined out of 5
Keywords: yubikey neo, yubikey 5 nano, yubikey 5 nfc, security key, yubikey 5, password manager, security key by yubico, yubikey 5 review, yubikey 4 nano, yubikey 4c, how to, yubikey review, yubikey 5 series, yubikey 2fa, yubikey setup, yubico key review, security key usb, usb security key, yubico key, yubikey neo review, yubikey security key, internet security, personalization tool, yubico security key, yubikey setup guide, yubikey personalization tool, yubico key 5
Id: 9f3NCq_c7XQ
Channel Id: undefined
Length: 12min 42sec (762 seconds)
Published: Sat Nov 17 2018
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.