Yubikey Backups - How to TOTP Across Multiple Yubikeys

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
welcome to crosstalk solutions my name's chris and i absolutely love ubi keys for two-factor authentication the ones that i love the most are the yubikey 5 series so here we have the 5 nfc and then this is the 5ci which is usbc on one end and lightning on the other end now one of the key use cases for these devices is for your totp codes basically your six-digit time-based one-time password two-factor authentication codes now these devices do all kinds of different two-factor authentication including fido 2 but most websites haven't caught up with fido 2 yet so having totp capability is really really useful and if you guys want to see a full rundown as to how these keys work i'll put a link down below to my original yubikey video that explains them from top to bottom in this video however we're just going to talk about one feature of these ubi keys that i get asked about more often than anything else and that is can you have a backup of your ubikey and the answer absolutely is yes so i'm going to show you how to take your totp code and put it on different ubi keys in this case i'm going to do it across three different ubi keys okay before we get into that if you guys enjoy this type of content make sure you like and subscribe to crosstalk solutions and follow us on twitter at crosstalk sol for all of the latest updates let's go ahead and hop right into it i realized today that i only have my ubiquity totp two factor authentication on a single ub key that's this sort of main one that i have hanging on my keychain here also another side note people are concerned about the durability of this product i've had this hanging on my keys in my pocket out of my pocket in my computer on my nightstand for well over a year now and there has been no problem as far as the sturdiness of the device and whether or not it can take a beating it seems to be perfectly fine but if you're concerned about that yubico just released a new product that is a sort of protective key and yubikey wallet or sleeve i'm not sure exactly what you call it where you can sort of slide it in and it's more protected and it can just hang on your keychain and keeps all of your keys in this sort of like little flip out compartment it's pretty cool all links to all products are going to be down in the description below if you guys are interested in any of this stuff okay so i have gone to account.ui.com i have clicked on security and so the first thing that i need to do is disable my two-factor authentication because i want to completely turn it off and you have to turn it back on and put the two factor on all three keys in my case three keys as many backups as you want but they all have to be done at the same time you can't have two-factor authentication enabled you know with totp on one key and then add additional keys as backups later it doesn't work that way you have to do them all at once okay so first step is to disable two-factor authentication and it's going to ask me for my qfa token to do so so i'm plugging in my main 2fa token this is the one the only one that has my ubiquity totp codes on it i have brought up ubico authenticator we can see ubiquiti networks right here i'm going to double click that touch the ub key i get my code it's automatically copied to the clipboard and i can just paste it in right there and click submit so now we can see that two factor authentication has been disabled now we are going to re-enable it on all three of my keys so we're going to say enable two-factor authentication and that pops up a qr code as well as a secret code if you want to do it manually but the qr code does work just fine so let's do this we're going to bring up our yubico authenticator we're going to hit these three dots in the upper right hand corner we're going to say scan qr code and immediately we can see the issuer is ubiquity networks and then my account name so basically what it did is it looked on the screen of my computer it saw the qr code and we're just automatically going to add it so let's go ahead and say add account and since i already had it on this key it asked me if i wanted to overwrite the previous one which i did say yes and now i'm going to pull this key out of the usb and we're going to plug in ub key number two now this one does not have ubiquity totp on it at all so we're going to do the same process scan qr code there we have our issuer as well as the account name we're going to say add account now it's on two keys we're going to pull out the ub key and we're going to insert the third uv key i don't have usbc on the back of my keyboard so i have a usb c to usb type a adapter we're going to plug this in scan qr code and then we're going to click add account and once you have scanned the qr code into every device where you want to have this totp capability you can come over here and then just paste the 2fa so double clicking ubiquity hit the key i got my code copied to the clipboard paste it over here and submit now very very important whenever you do that and finish off your totp setup make sure you generate new backup codes most totp services will have the ability to have some sort of backup code this is just a final fail safe in case i lost all of my ub keys and google authenticator i have these backup codes that i can use to get into my account and still not have to you know contact the company and beg and plead for them to give me access again so i'm going to enter my totp code one more time and click generate new backup codes and i now have the backup codes displayed on the screen you can copy these and then you want to save them in a safe spot and it is as easy as that i now have my totp codes for ubiquity on three different ubi keys but let's do one more added bonus right if you guys are liking the google authenticator let's also make google authenticator a backup so here i have a google authenticator up on my phone and you can see that i don't use it for a lot but maybe i do want to start using it as a fourth backup totp device let's go ahead and add an account we're going to click the plus sign down in the bottom right and we're going to say scan qr code boom all right i got the qr code and i now have ubiquity networks also on google authenticator now the reason i don't like google authenticator versus the ubi keys is because when you switch phones like i recently switched phones from a iphone 8 to the the newest iphone and when i did that google authenticator the app came across but none of my codes did so typically what i would have to do is now go disable two-factor authentication on uh at every site that i have and then re-enable it and rescan the qr code so you don't have to do that with the ubi keys because it's just a hardware device i do understand that there are some totp apps out there like offi that do allow you to have multi-device you know backups or just have your totp codes across multi-devices so i understand that and of course to each his own whatever works best for you the most important thing is 2fa every day make sure that you are always doing 2fa wherever it's possible the way that i've been doing it recently is for the 2fa codes that i use most often i put those on my ub keys and then for anything where i'm like gosh i'm not really ever i barely ever log into this site i do want two-factor authentication those ones i'm putting on google authenticator so it's sort of my secondary less commonly used two-factor authentication is for uh is for google authenticator on my phone and then my day-to-day totp codes are on across all of my various yubikey devices all right there you go i hope you guys enjoyed this video links to all products are down below those are affiliate links it does not change your price at all but it does get us a couple of bucks for the referral we appreciate every referral that we get if you enjoyed this video make sure you give me a thumbs up and if you'd like to see more videos like this please click subscribe my name is chris with crosstalk solutions and thank you so much for watching [Music]
Info
Channel: Crosstalk Solutions
Views: 12,910
Rating: undefined out of 5
Keywords: Yubikey, crosstalk, crosstalk solutions, yubikey 5 nfc, yubikey setup, yubikey 5c nfc, yubikey iphone, yubikey 5ci, yubikey 5c, yubikey nfc iphone, yubikey authenticator, yubikey nfc, yubikey 5 nfc iphone, yubico, 2fa, two factor authentication, google authenticator, hardware security keys
Id: FKeydDMz_AI
Channel Id: undefined
Length: 8min 54sec (534 seconds)
Published: Mon Nov 29 2021
Related Videos
You Should Be Using Yubikeys!
Crosstalk Solutions
431K
We *ALMOST* Got Scammed! Here's the story..
Crosstalk Solutions
61K
How To Setup & Use Yubikey 5 Series Hardware Tokens - The BEST 2FA Option!
Shannon Morse
50K
Ubiquiti Breach Update - Mind Blowing New Info!
Crosstalk Solutions
88K
21 HORRIFIC Tech Fails they want you to forget.
Mrwhosetheboss
10M
Yubikey Bio vs Yubikey 5 | Is Fingerprint 2FA Worth an Extra $40?
All Things Secured
27K
New Square Dish! Major Starlink Updates
Crosstalk Solutions
143K
How to use Two-Factor Authentication (2FA) with Authy
AdamOnTech
3.4K
My FAVORITE Security Gadgets for 2021!! (that fit in my pocket)
All Things Secured
42K
Making a Simple Hydrogen Generator from Washers
Maciej Nowak Projects
3.8M
Second Oldest Trick in Sleight of Hand
susiefilms
13M
Don't Use a VPN...it's not the ultimate security fix you've been told
All Things Secured
961K
[Explained] Yubikey 5.0 - How to use a Yubikey & LastPass to Secure all your online Accounts!
TheHiTechNomad
222K
Setting up HAproxy and Let's Encrypt on OPNsense
TheMaw Tech
174
$250 Slab To $7700 Table
Blacktail Studio
3.8M
Protect Your Online Accounts Like a PRO | Yubikey 5C NFC
Joris Hermans
1.7K
The MOST private email service (2021)
Naomi Brockwell
354K
1.1.1.1
Crosstalk Solutions
78K
I Built This From A 1972 Popular Mechanics Magazine Plan. Does It Work?
Fireball Tool
2.4M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.