How To Setup & Use Yubikey 5 Series Hardware Tokens - The BEST 2FA Option!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey s'mores i'm shannon morse welcome to morse code you all know that i am slightly ever so slightly obsessed with second factor authentication and i want everyone in the world to understand why it is so beneficial and today i am introducing my personal favorite type of 2fa which is yubikeys now if this is your first 2fa rodeo it's actually pretty simple you know how when you use an atm you need to put your card in the atm and then you have to type in a pin code that atm needs two pieces of information from you to give you money the actual card and the pin code that's connected to it that's basically what 2fa is you use it every single day that you use an atm and it's two factors of authentication online 2fa means that you log into an account with your normal username and password but it also requires you to type in a code that gets texted to you or you type in a code that is on an application on your phone or you plug in one of these little devices like i have right here i have so many to show you and that device triggers the login so this protects you from somebody getting into your account if they somehow got access to your password and given that there are so many password leaks these days and people are still reusing passwords all across the web then it's something to seriously consider now i always recommend turning on 2fa if it's available on your website and it is available now on lots of sites nowadays you can turn on 2fa on your gmail your password manager twitter just implemented physical hardware tokens for 2fa facebook instagram patreon i know amazon does all sorts of sites and yes luckily there is a site for that that you can reference it's called 2fa.directory i will link to it down below as well in my description if you're watching on mobile just click the title and you will see the description drop down from there my personal favorite type of 2fa are these little hardware tokens like you see here now i already discussed hardware tokens before in my google titan security key review video but tldr they are the most secure option for most consumers the pro side is criminals would need to have access not only to your password but your hardware key as well in order to hack into your online accounts so it removes the potential for a remote attack but of course the flip side to that is the con which is you need to have this on you whenever you log into your account on a new system that has not been previously logged in and still has cookies for your authentication so if you don't carry your hardware key around or you tend to lose things you may want to consider having a backup option set up on your online accounts now these hardware tokens that you see here all of these are ubi keys yes all of them they come in different form factors for all sorts of different devices so like if you have an iphone there's one for that this one has lightning on it do you have an android phone you're in luck because this one has usbc do you want both this one actually that i mentioned earlier has lightning and usb-c so you can use it cross-platform that's so cool if you need one that's just usb-a that one is usb-a this looks just like any other flash drive now let's say you want one that has nfc this one has nfc as well as this usbc one both of them have nfc so you don't have to plug it in you can just tap it or stick it up next to your device and it will authenticate for you so a little bit of background about yubico they were founded way back in 2007 in sweden and they create hardware keys that you can use to log into any accounts that are supported they also worked with google to create a standard of technology which is called universal second factor which is hosted by the industry consortium called the fido alliance basically if a company wants to accept u2f devices for a second factor they totally can and you can use any u2f standard key to unlock your accounts yubikeys are one of these and so are google titans i thought this was kind of hilarious you can find this really old hack five video over on yubico's website that describes how they work and that's pretty much the gist of it so you can go there and watch that old old video because most of it is still very relevant in this day and age i look so young in that video it's crazy now i share all of this background information because i've known stina who is the founder for the better part of a decade and you can see the passion that this company has for security and privacy and they have this excitement whenever i go to cons and talk to them about all their different keys the people that work there are really passionate about what they do and that's so rare when it comes to security and privacy and i share that kind of excitement because stuff like this makes it so easy for consumers to be protected the fact that yubico has not only created keys but also started a universal initiative with other companies that's huge so today i wanted to go through these i'm also going to demo them and i will describe pricing and how they work yubico did send me these keys for review at least most of them i think a couple of them i had purchased i've also purchased plenty of these in the past for years and years as usb options have been upgraded over time by the way are you subscribed because i do a lot of security and privacy videos like this on my channel and here's a few other ways that you can support my work okay before we get started i wanted to mention that you can basically use any of these yubi keys to unlock all your supported accounts and the same yubikey can be used on multiple devices so if you were to purchase one of these you would only have to get one unless you have many different devices so for example i have androids i have ios devices i have a windows 10 machine i have a linux machine and they have lightning usbc and usb a so i normally buy a couple of these so i'm never locked out no matter which device i'm currently using but if one of my phones or computers also supports nfc i could tap instead of plugging in because several of these support nfc not just plugging in now all of the ones that you see sitting out here including the ones out of the wrapper and these in this little box they're all series 5 ubi keys these five are a part of this thing called the experience pack which retails for 290. all of them support u2f openpgp 502 and a whole lot of other protocols but basically for a user all that means is they will work on lots of websites and lots of accounts that you are already using there's also something else i wanted to mention with these is they can authenticate you when you log in up to four times faster than one-time passcodes or sms-based authentication options they don't require a battery or a wi-fi connection to work they don't require you to go to your carrier network and get some kind of sms message and they don't require any kind of application on your phone to work so that you can go in there and type in a code all you have to do is plug one of these things in or hit it with nfc and there you go you're ready to log in so the first one on my list is this one it's called the yubikey 5 nfc this one supports both usb a so it looks like a normal everyday flash drive and nfc so you can tap this against any nfc enabled devices to log in or you can plug it into a usb a port and it retails for 45 and lucky for us nfc is on pretty much every mobile device that you're currently using whether that's android or iphone this one is the yubikey 5c nfc this one is 55. and it also comes with nfc but instead of usb a you have usb c now this one that you saw earlier this one is the yubikey 5c i and that includes both usbc and lightning so you can plug it into a usbc port or a lightning port and when you do that you just have to tap the little gold contacts on either side in order to authenticate and log into your online accounts this one is 70 and it does not include nfc now you probably noticed when i was going through these that all of them these three have little holes in them that's for a key chain now lastly we have the two little ones at the bottom these ones are meant to be kept in your device at all times assuming that your device is secure and it's not going to be vulnerable to any kind of physical attacks i think these little ones are really cool so the first one we have is this yubikey 5 nano this one is 50 this one can sit almost flush inside your usb port and you press the gold contact whenever you need to log in and then we also have this teeny tiny one which is the yubikey 5c nano which is 60. this one almost sits flush in any usb c port on your device now neither of these little ones have nfc so they would be best in a laptop or a pc now another one that i wanted to show you is this one i have a yubikey 5c this one costs 50 this one is usbc only and you touch the contact to authenticate the contacts are on both sides the little gold contacts so yubico has a great comparison graph on their website so you can compare all the different offerings in case you're not sure which one you should get most consumers will want a 5 series yubico there's also some that are certified for government use but we're talking about consumers here so i'm just going to stick with the 5 series so now i wanted to give you a demo so you can see how easy it is to set one of these up so here's how i would do that with one of my online accounts so since i have a lot of cross-platform things going on here most of my devices are usb-c however i do have an iphone i am using the 5ci for this example demo on facebook you go to settings and privacy click settings click security and login and two-factor authentication from here you click edit or enable to turn it on for the first time and then you choose security key then follow the on-screen instructions now you will notice if you watched my titan demo the google titan security key the same kind of window if you're on windows 10 is going to pop up but this one also requires you to choose a pin code so choose a pin touch the yubikey while it's plugged in and it will be added to your facebook profile when you log in on a new device you will need to enter the pin then touch the yubikey while it's plugged in to log into your account the other one that i used was this 5cnfc i use this one by plugging it into my computer and i go through the same kind of setup to log into a new device like on my samsung phone for example i just have to hold it to the back of the phone until it vibrates this shows that you can use more than one hardware token on one online account so if you want to keep one as a backup and you're safe that would be a great idea in the event that you lost the main one that you use so personally i love hardware keys especially with the versatility of the yubikeys and i have recommended them for years because they are so easy to use they're efficient and they are highly secure and if you are not using one yet just get one or get two so that you have a backup it's a one-time cost and they last a long time trust me i know i've had them for like a decade and they add the best security for account authentication do you all feel the same that i do comment below and let me know if you use a yubi key and if you love it as much as i love mine last thing i did want to mention they have all these really cool stickers and i actually use these for identification so for example i have this sticker on this yubikey and that tells me that this is the one that i use to authenticate specific accounts and then i will put additional stickers on other ones to have his backups so i might use like this really cool geode sticker on this one they do sell these on their website for like five bucks each or something like that so they're really inexpensive and it's a great way to just basically identify your keys so that you know exactly which ones you're using thank you again so much to my s'mores for subscribing and for watching i'm shannon morris and i will see you soon bye y'all

Info

Channel: Shannon Morse

Views: 50,560

Rating: undefined out of 5

Keywords: yubikey 5 nfc, yubico security key, yubikey 5, security key, yubico, yubikey review, yubikey 2fa, two factor authentication, yubico key, 2fa, yubikey security key, how to, yubikey nfc, fido u2f, 2fa key, security key usb, tech, usb security key, yubikey 5ci, fido, cyber security, usb security, yubikey setup, hardware security key, gmail security key, yubico authenticator, yubikey 5ci setup, yubikey 5c nano review, yubikey 5c nfc review, yubikey 5c review, yubikey 5c nfc

Id: 7qlpDJdYmIY

Channel Id: undefined

Length: 12min 48sec (768 seconds)

Published: Thu May 06 2021