Authenticator apps that you’re might
already be using like Google Authenticator, Microsoft Authenticator, Authy and many others
work great until…your phone gets stolen, you need to migrate to a new phone,
you lose your phone or better yet, your son drops a hammer on your
phone and it’s no longer usable. True story. Last month in fact. Thankfully there’s a little-known alternatives
that not only eliminates these concerns, it adds an even greater level of
security than you already have. And that’s what I’m going to show you right now. Two quick things. First, if you’re not
using some form of 2-factor authentication, please start doing that, at least for
your most important accounts. Second, if you’re using 2 factor authentication
but haven’t created a backup of that 2FA, you’re setting yourself up for some major
headaches down the road. You need to do that. After my phone lost it’s short but valiant
fight with the business end of a hammer, if I didn’t have backup of my 2FA,
I would have been in major trouble. My secret, and what I’m going to teach
you right now, is that some of my most important 2FA codes aren’t kept in an app
or in the cloud. They’re kept with me, right here on my physical key that
I can use on any device I want. Check this: on my new phone, all
I did was download the Yubico Authenticator app and the moment I plug in my key, the codes appear. I didn’t have to sign in or
go through any complicated migration process. And when I move over to my computer to plug in
the same key, the same codes appear there too. The codes aren’t kept in the app. The codes
are encrypted on the physical key itself, which means that I can access my 2FA codes on any
device without worrying about syncing all this data to the cloud or losing the phone. Instead of
trying to set up 2FA codes on 10 devices at once, I only need to set it up on my primary and
backup keys and then I’m good. If my son drops a hammer on my phone again, it doesn’t
matter because my codes are kept here. How does this work? It’s really simple. Let me start by saying that this feature is only
available for the Yubikey 5 series keys. Yes, I realize this isn’t free like an app is, but using a 2FA key offers a much higher
security and Yubikey has kindly offered $5 off any key you purchase using the
code ALLTHINGSSECURED at checkout. To set up this secure authenticator app,
I had to download Yubico Authenticator from the app store or on their website and
then plug in…or tap my 5 series Yubikey. You’ll see here that I’ve already set up some
dummy accounts on this test key, but adding a new account is as simple as finding the three dots on
the upper right and then clicking “Add account”. From here, you’ll either scan the QR code
provided by the account you want to secure or use the manual code they provide. So, for example,
let’s say I want to secure my LinkedIn account. I’ll find the security
settings and privacy settings, which in this case they call “Sign in and
security”. You’re looking for 2-factor authentication or what LinkedIn calls two-step
verification and then you’ll want to choose the authenticator app over something
like SMS text, which isn’t as secure. Despite what you’ll see from a lot of
these websites, even when they tell you to download Google Authenticator or in this
case LinkedIn is owned by Microsoft so they say to download Microsoft Authenticator - you
don’t have to! These codes aren’t proprietary to any app, so you can use whatever
you want, including a Yubikey 5 series. If you’re doing this on a desktop, you can
copy and paste this code into the Yubico authenticator or if you’re on you’re mobile
device, simply click “Continue” and scan the QR code. Verify the code and that’s it. If
you’ve tapped your key to access this on your mobile device, you’ll have to tap
again to finalize the code to the key. Now I know some of the questions
you might be asking right now, because I was asking the same things. First of all, I did setup a
backup key at the same time, which just means plugging in or tapping a
second key and scanning that same QR code. Even with this extra key, though, I still
record my backup codes for redundancy. Second, this key-based authenticator app can store
up to 32 of these authenticator codes per key, which means that if you have a lot of
accounts that use authenticator codes, you might have to be picky about
which ones you add to your key. And let me clarify because I get a lot
of questions about this. As a 2FA key, you can use your Yubikey on an unlimited number of
accounts for authentication. But if you’re storing authenticator codes on the your key, you’re
limited to only 32. Hopefully that makes sense. Oh, and for those of you who think “But now
all somebody needs to do is steal your key and they have access to everything!”,
don’t get too bent out of shape. If you go into configuration in
the Yubico authenticator app, find the menu item for Passwords and reset,
you can actually password protect your Yubikey, essentially making this a multi-factor
authentication method instead of just a 2-factor. In fact, you can even set it up with most
phones to take advantage of your biometrics to get access to the codes, whether
that’s your thumbprint or Face ID. This whole 2-factor authentication thing isn’t as
overwhelming as it may seem, I promise you. I’ve got an entire playlist of videos explaining
every aspect of using this to secure your accounts, and remember that if you use the code
ALLTHINGSSECURED, you can get $5 off a 2FA key or $10 off two Yubikeys right now. I promise you
it’s worth it for the increased account security.
