Was this a helpful comparison for you? Leave any questions below and I'll do my best to answer. And I always appreciate your support when you use my affiliate links to buy either the Yubikey 5 series keys (geni.us/yubico-5c) and the Yubikey Bio series keys (geni.us/yubico-bio).

My friend who used to do woodworking also recommend you have a backup not based on your fingerprint.

Hey mate. Just gotta say I browsed your comment section and noticed youve replied to virtually everyone with advice or answers. Very strong commitment and impressive! I've followed.

My advice for someone just getting into security keys, get 5 series with NFC. Covers the most use cases.

The USB-C standard is on most newer Android phones, meaning you can use the Biometric function on Android. I'd like to just point out that while you personally use Apple, a large mobile market segment will be able to use the bio series.

Great Video on 3 Factor Authentication Josh... Thank You... 1st Factor Auth: ... UserName & PassWord Submited 2st Factor Auth: ... Yubi Key inserted into your Desktop USB and clicked when prompted. 3rd Factor Auth: ... Yubi Key Biometrics test combined with Key and clicked when prompted. Excellent Video Josh...

This was very helpful, and gave me some clarity. Appreciated the insight!

I work for a company that uses cleaning chemicals daily and i've found that when I had the fingerprint scanner on a phone, I had to use multiple fingertips as backups to unlock that phone. The chemicals alter the way my prints registered on the ID pad. So i've become very leery about using my fingerprints for my sole access.

Good point about the removal of NFC. I overlooked that initially. Thanks

Dude, this video helped me to decide to buy which key as my backup. Thanks a lot.

One for you and one for spouse but both are also saved for you and spouse. I would also suggest a third that is stored in a VERY safe place.

Informative and concise! Thank you. When you say the bio doesn't work with some accounts....basically because the bio doesn't support the authenticator applications. If an online account requires you to use the authenticator app, then you would not be able to use the bio key.

thanks! I just buy a backup Yubikey 5 yesterday, and I was scared you recommended the BIO one 😌

The biggest downside to Yubikeys is that if you want backups. You need two (or more) keys at the time you set them up. This is where the Onlykey really shines imho. It lets you export an encrypted config file which you can later use to create new keys.

Question: What do you think of actively using 2 keys (the bio and the NFC)? I mean, using the bio for all the accounts it can be used for, and using the NFC for everything else. (with a third key stowed away as backup) Would this create any problems, like confusing the auth app, or creating some other odd conflict? Thank you for this informative and helpful video by the way!

would it be possible to use a knuckle instead of a finger? I don't like fingerprints.

For me I see a potential HUGE down side : it'is/can more fragile an more prone to defect. That's a deal breaker for me, beside that I have a bad experience with biometric sensor so I don't like it. On the security side their is multiple way to use a MFA token, on yubikey you can use opengpg for everything and configure it to burn the subkeys if the wrong pin is enter 3 times. So loosing it isn't really an issues and I guess it's more secure them a biometric solution maybe.

Awesome thank appreciate it I'm going to buy it early next year

Would've loved some more focus on the different protocols here. As far as I know the bio doesn't support OTP for example.

Can you use the Bio to log in to Linux and MacOS with just the touch of the sensor? (like Apple TouchID)

I’m looking to upgrade my security with 2FA. Do you have a video on how to get started with the Yubikey and specifically, how to authenticate multiple Yubikeys with the same online account?

What about PIN cracker tools?

Thanks , great information !

Hey Josh, I enjoy watching your videos-keep up the good work! Can you make a video on how to set up your Mac, iPhone, Android, Windows for privacy (like settings to use, apps to install, etc.)? Also, making a video on email forwarding service, such as AnonAddy or iCloud Mail relay, would be really helpful! Furthermore, I would like your opinion on using apps vs web browsers. Do you sign in to apps on iOS or use the web browser? For example, using the KZbin app vs the browser or the Amazon app vs the browser or the Netflix app vs browser. I wonder if it's better to use the web browser because the company will have less access to data, but at the expense of user experience. Wouldn't companies be able to link the dots together easier if you use native apps? For instance, signing in to the KZbin app also signs the user into every other Google app. (Any thoughts on progressive web apps, LOL?)

If you lose a device, can you deactivate it remotely? Thinking from a business standpoint if an employee looses one especially if it's the NFC.

Yubikey even says the bio version is for shared workstation scenarios, not for the normal individual. Just get the 5 NFC.

5:33 you say "something that you have to have" but a finger print is "something that you are", while the YubiKey is the actual "something that you have" and the pin code is the "something that you know"

Already have the 5c which will be my back up and trying to decide between NFC or Bio. Think I will go with NFC for now based on your feedback.

Muchas por subir estos videos nos ayuda mucho. Saludos

Hello! The authentication process must be an anonymous cross-system process. For the guarantee of security must not collect any identity from individuals needs your security. Attackers can find ways to identify the target user. So it's very clear to me that a fingerprint option is not a viable option.

A very helpful video! Thank you very much!

I agree that no NFC is a pain but this can be overcome by using a USB-A to USB-C converter or for the older iPhones a USB-A to Lighting converter. I do this without issue on my Android.

Awesome as these are the two I selected for that exact reason. Now concerned that the BIO may not work for the sites I want to use it for. Hopefully, support is added in the future if that's the case.

can you describe the difference between the 2 keys from security point of view, which is better and which techonelgy each of them is using

Hi Josh, a query I currently have the Yubikey Security Key (the blue one), with which I have registered all my services with authentication by Key. I want to buy a second device now to have a backup in case I lose one ... I want to buy the Yubikey 5 NFC (The black one), and use it as the main one because I have the TOTP there and I currently use the authenticator microsoft, I would like to pass it all to the authenticator yubikey. Now, if I have as a second option the blue one for backup, the TOTP will not be able to recover it in case of losing the black one, correct? What do you recommend me? Thank you very much for your videos.

Thank you !! With this video !!! This video helps !!!! 😎😎 !!!!

4:44 Your fingerprint actually is Not Stored in the key, but the mathematical result, sum let's say of the calculation that is checked if it matches with the result of scanning of your finger. This cannot be read from the key, But even if it is read it is Not like a scan, or photo of your fingerprint and cannot be used somewhere else. 🙂

Re Nano option. Is the depression of the unit a toggle switch or is the product somehow reading my print? If merely a toggle, what's to prevent non-me from gaining access? Txs.

what about the new iPhone 15 with USB type-C?

Perhaps a silly question, but I assume you can have more than one backup Yubikey. My daily one, my backup at home, my backup at a family member's house, etc. Is that the case? In the same way, if I did break or lose my main key then I could just make a backup from my backup. Correct? Thanks for all your videos Josh!

a good use case would be if you wanted leaved one at a semi secure location like your work computer

I use my yubikey with a USB C adapter on my phone, works great

Great video! Something I do not like of the Yubikeys is that someone can of course, steal them (or I can lose mine). I have two standard Yubikeys but I am thinking I will buy the Yubikey bio. Would you know if the Yubikey Bio works with Binance? Cheers.

Bravo man! you are a pro!

YubiKey just came out with the “Security Key C NFC” for just $29.

Hi mate, are you there? I have 2 of the blue keys that serve me well.Thinking of getting the bio so i can just leave it in the laptop without the worry of someone stealing my laptop with the blue key in it. Then obviously I'll have the 2 blue ones as backups. I can't see a issue with this,do you? One would have to know the password of the bio yubikey to use it right? R U there?

Hi Josh, I’m considering buying an YubiKey 5Ci, since I suppose, owning only two iPads Pro (one 2020 and one M1) and an iPhone 12. So I have no desktop or laptop. I use 1Password for all my passwords and 2FA codes. Considering this and that my use is mostly personal, and at €70 each key (buying 2), would you still recommend the investment. After looking at the services compatible, I would probably using the YubiKey withe no more than 5-6. Thanks and keep up the nice videos.

hi josh. i have a couple questions 1) if i leave the yubikey in my pc 24/7 , and i have lasspass, if my pc is stolen, won't they have access to all my logins? and if so what do you reccomend to prevent that? 2) another question, not related to yubikey per say, but i want to do estate planning for my kids when i pass on and was thinking if there is a device that i could put my kids finterprints like the yubikey bio so only they could access and on this device would be my will and bank info, btc wallet and info they need, where i can put all my notes/instructions to them on how to use and what to do where i know this can't get into the wrong hands. or it could be online method as well, but this is what i'm trying to accomplish that if i become 'inactive' i want them to access and only them this info, would love to hear your suggestions or maybe you made vid on this topic already

Thanks for the video. You answered some questions I had about using it with mobile devices etc. Is the pin backup open to brute force? It would not take long to go though 9999 numbers if it allows 4 digit pins?

Please explain to me how a "Security Expert" recommends NFC, a protocol with 0 security?

These keys should be MUCH smaller! Type C and using smaller fingerprint readers, as we see on the side of some smartphones. With a reinforced loop to hold it in a keychain, chain or use itself as a keychain.

Man why is it so hard to find video's on yubikeys? I just want to know if I'm getting the actual yubitkey. I bought my yubikey from Amazon for $35 vs if you buy it from pretty much anywhere else it's double what I paid.

Excellent video....well done

I have a question. I want to go passwordless on outlook 365, personal account. How can I do this without the MS authenticator app? I just want to use my key ONLY to login, otherwise what's the point of the security? How do you accomplish this?

I heard they dont work on banking sites. Is that true?

Great video - very well explained. Where can I find out what applications work with the Yubikey 5NFC

My phone uses microUSB, so if I just a USB-C to microUSBB converter, would the Yubikey work with it?

definately Yubico pricing more because i paid yubico 5 NFC 50+15$ with shipping. after if arrived in India UPS asked 39$ for import fee. this is super pricing with total of 103$. even they put in air cargo/kg it was 15$ but they put useless courier service, now I got forced to pay 39$ because of them.

What about the blue regular series ? Would be for coinbase. My phone does not support NFC so i was looking at the cheaper blue series. It is just as secure ? I think it would be. It supports what coinbase want's

Yup. I was so excited for the bio to come out. And then it did.... Now I have no plans to ever buy it. Lol

Great vid!

Yubikey has some apps that are not supported and at present after multiple attempts Yubikey manager will not run on my win 10 laptop. Leaving me with default options and zero backups of PUK or PIN.

regarding setting up the backup key: how many backups can you have? For example, could I have a backup I keep at home, and a third key I keep off site?

Awesome advice 👍🏾👍🏾

For your back up Yubikey, you registered it as another key or you registered it as a spare key (same key information as the original one)?

Very helpful video - thank you. Do you know how this adds security to my smartphone on my google account? On the google account I cannot log out but only remove the account from the smartphone. So - if I'm always logged on, therefore 2FA authenticated - is not that even worse? Cause if the phone is stolen its stolen with the 2FA on.

Love this info

NFC is wonderful but not all phones have it. Many Samsung and Sony devices come with it built in. Some Motorola devices too.

Hi Josh, I have a Yubikey so I am all for the 2FA method of security. However; how is this more secure than a simple 2FA sms message with a code to login? Thanks very much, JR (United Kingdom)

Do I need to set up YubiKey Manager to configure FIDO2, OTP, and PIV functionality? Thanks.

Love my new Yubico 5 NFC

Excellect video...Well presented!

What's the Best yubikey 5 NFC or yubikey NFC?

It seems that you missed the use of an OTG device with bio vertion...

Why can't they make a bio with NFC? But the NFC activates only when the finger print has been activated?

does this negate needing a password manager?

Why would this key be more secure than my authenticator app on my phone?

Can I configure a LUKS volume to be opened if I provide both a passphrase and the BIO or 5 NFC?

The 5 NFC also is procteted by a pin ... not impressed so far by the bio. If they could restore my 2FA codes by using any bio security key I would be totally sold (I mean, it would be like saving all my vital 2FA codes on my fingertips).

UB key should team up with the security camera company

Which Yubikey is best for the current family of Apple devices ( IPad Pro w/USB-c, IPhone 12Max)

I have 2 keys provided by employer. I wanted to do some checks what I can do. Very disappointed with the support. The tests are flaky. In some areas it works, but fails with OTP. BIO is not sold on a website. Such a disappointment. Hey Yubico, add some sort of clear documentation to troubleshot a concrete error instead odf sending to your QA section where you can lost. Why it reports invalid OTP and what is required to do to fix?

With the bio version is the fingerprint copy thats held on the device able to be copied or stolen once someone has access to it ? Can we assume its as safe as apples fingerprint reader ?

Thanks!

I love the bio I use ro take fingerprints for the FBI have a wayy better gov gig but your prints will last a while unless you a hard worker in the field so guys/ladies folks use it it’s not a bad option of course have a back up just in case

So the Bio won't work with Android?

Thanks for this great video. I'm trying to understand why some services work with the 5 series but not the Bio. Is it just because they use TOTPs instead of FIDO2/U2F? My understanding of FIDO is that the biometric stuff is entirely local, and once that layer of authn is completed, the flow is the same as it would be with a Yubikey 5.

If fingerprint is stored on the device then why there's a generic windows prompt for scanning the fingerprint? Seems like it's Windows which does fingerprint check all the time.

It's a shame that the YubiKey Bio only supports 5 fingerprints(10 would be better in my opinion as if in a worst-case scenario you lost an entire hand you could still have a fingerprint available for authentication). It seems like your idea to have both a Bio and a Yubikey 5 NFC is the best solution. Perhaps having one either the Bio or 5 with USB-C and the other with USB-A would cover you in every single scenario.

I had zero luck getting two brands of fingerprint keys to work AT ALL. Ymmv.

How do I use it on android? I have the Yubikey 5 NFC.

Hi! Can you please answer me two questions? Can you please tell me if 3 people can use the same Yubikey with their own accounts? Or each person need to have one different Yubikey? And the other question is: We want to use the key mainly for Outlook, PC, Facebook... both on mobile phone and computer. You recommend the 5NFC instead of the Bio, right? Thanks so much in advance

hi, thank you very much...

Such a useful video

Can I restrict number of apps I can use with Yubikey for enterprise?

Like you can set up a security key for your iCloud account can you do the same with Samsung for your Samsung account I personally haven't seen an option in settings all I can see is backup codes authenticator app SMS text which I hate and that's pretty much it there's no option for security key I hope Samsung address this I hope Samsung add an option for for security keys like Google and apple and so on

now what if you lose your key and your fingers?

I've been trying to get the answer, but I don't seem to find it anywhere. If your PC/Device gets hacked or if it's infected, is that aa problem for the 2fa? Will it get infected too?

Yubikey "blue" also have NFC, right? The blue one just have less protocols I guess

I've got the Yubikey 5NFC. Is there an adapter for use with a Samsung phone? Or, do I have to replace the keys?