And its good🤌🏻

It’s a relaxing vibe

Well, I did watch an Applied Science video which is always very good 😉 But I fully agree with the thought of your comment.

Miss clicks happen

The offenders are NSA and FBI employees.

I'm sure that creators know a lot more about this than I do, but there's no point in criticizing people for clicking thumbs down, if they even exist; they aren't going to change their click because someone called them out in the comments. Either these clicks are just bots or people are clicking thumbs down in an attempt to stop these videos from being recommended to them. That's the wrong approach, but it's Google's fault for adding the button in the first place.

Calm down dude.

Now that is something I missed!

@@ExplainingComputers or maybe "seb Key"

@@lesliedeana5142 :)

Yubie 1 kenobee and Yubie 2 kenobee

Very true. And biometrics are also static data -- so once they are stolen, you've had it. They are things to share very sparingly.

fingerprints papilary lines remain the same for entirety of your life; outer skin cuts or burns have no effect... you are very profane on the issue, go study basics of biometrics

@@ExplainingComputers Or arguably... not at all! Imagine IT airport security implanting a biometric scan record onto their manifest, just like people leaving your DNA at a crime scene that you've nothing to do with. The "high" security data means it is virtually unchallengeable. I'm afraid it all leads to very dark places indeed. The standard password is equivalent to CASH. It offers anonymity and that is far more precious than anything else for ordinary people who have an inalienable right to privacy. I don't give a damn if that makes law enforcement more difficult - Law enforcement should pick their game up instead of us all having to pay the price. Cash is on the way out as it largely cannot be recorded for prying eyes to see. Passwords are on the way out for the same reason... Data logging/snooping and data mining. And what of the elderly, many already suffer because the tech changes so quick and "greater" security will by nature will cause more of the elderly to fall foul of it.

@@cokeforever Waiting days or weeks to heal for them to be restored is problematic from cuts / burns / other damage. I am a diabetic, and have to do finger sticks on a very regular basis. Because of that, I do not use my registered fingers for those sticks to test blood glucose levels, because I can lock up / lock out very easily except on very cheap / inaccurate readers.

@@cokeforever I don’t the details of biometrics but I do know that after my wife had chemo for cancer a side effect was extremely dry skin and the fingerprint authentication on her iPhone became extremely unreliable.

When someone asks for the name of a car, or a maiden name, I always use a random character string not the actual name.

Greetings Prerry! And yes, we live in a sad world.

Greetings from the UK!

Greetings from the UK!

:)

Start with Duck Duck Go. 🦆

:)

Thanks! :)

I am sorry to hear of your loss, and will reply to your e-mail message.

@@ExplainingComputers Thank you so much, you are so kind!! And you described Aaron's passion in the message very accurately. We all appreciate it very very much.

You make the case here very well for the use of security keys over passwords!

Thanks! :)

Thanks for this feedback. SBC content here is now more like one every three weeks, rather than every two weeks. The world is indeed changing. :)

@@ExplainingComputers That's awesome to hear :) thanks for the reply

Greetings Leslie! :) How soon Sunday comes around again.

Very true.

Yes, agreed -- this is why using a phone as a second factor is not ideal. If a Yubikey malfuctions, you use your backup, and if that fails, you use a backup code and register some new keys! :)

Thank you! You too!

Good video idea noted. Once you have security keys, Gmail in the Advanced Protection Program is almost certainly (one of) the safest.

interesting idea, but tbh i only use microsoft and google, but just because i must use them, not because i chose them

I run my own email server. Alas, this is becoming vanishingly rare nowadays. :( But for about $8/month, I get a Linux KVM instance that lets me do whatever I like, including serving as my MX record.

You don't need a dedicated USB port for a security key. They are not left plugged in to the device. Rather, they are only connected when you log on to an account, and if you then trust the device, are hardly ever plugged in again. I have I think nine accounts that use a security key now, and on average plug in a key maybe once every two weeks. So there is no "big con"! :)

@@ExplainingComputersOh, thank you, that was really helpful! I guess I made a terribly wrong assumption because the closest thing I know to such a device are the piracy protection dongles some expensive pieces of software require to have plugged in in order to work. With that point clarified, my impression of security keys is getting so much better.

@@BilisNegra Ah, I see, no problem! :) I know the things you're talking about, as I have one that I have to learn in a PC to run LightWave. But security keys are very different - they only have to be there to touch their contact on a login. :)

Some hardware keys have an NFC interface to wirelessly communicate with a phone.

In my view it depends on the widely adopted service or product. Common services from technically competent companies whose business heavily involves computer security (eg Google and Microsoft) I think are a pretty safe bet. But widely used services from companies with little IT competence is another matter entirely. Obscurity can be a benefit, certainly.

As far as I am aware, Google's Titan keys do use hardware manufactured by Feitian.

the usb storage device is a usb controller that comunicates with the chip storing what the controller says it must store, the information is available when the controller gets a request from the pc or device you connected the usb storage device on external hard disks is a bit different because the usb controller must transtale orders into sata commands the key basically has a chip that acts like a cmos chip on your bios, it stores some information but is more for read it than white it, it is a small chip, a couple megabytes only, for those devices storing just keys, you don't change the values or keys often, if ever so pc asks for a response, dhe usb security key answers the information requested and that's it, there are cases where it must be plugged all the time or access to the resource stops responding or is closed the session this is problematic if you have a usb port that likes to disconnect things randomly or you damaged the usb connector on the device

It's perfectly possible to put an encrypted file system on a normal USB stick - so that whenever you plug it into a computer, you might need to manually enter a security code on the computer or have an encryption key already in place on the computer in order to read it. My own work IT department encrypts the drives in our work laptops so that someone cannot just take the drives out and read them in another machine. There are also some USB sticks that have a small keypad on them where you enter the security code before its contents can be read. You can also have USB devices that are not themselves storage devices but have to be inserted into a PC as a "dongle" before the PC itself can be used, or an application on it. A Yubikey is one such item. I hope that answers your question, there is so much "nomenclature" around security that it's often not easy to work out what question some is asking.

Thanks for your support James, most appreciated. :)

I agree that there should be an option to prevent such a code being used, but it does not "completely defeat the purpose" of using a security key with Twitter, as there is a very low probability of anybody being able to get hold of the one-off code code.

you can use the yubikey with all/most of those devices. as Chris showed, there‘s keys with USB C, but there‘s also ones with lightning (for iPhone/iPad) and NFC (for smartphones without lightning/USB C). you will have to insert the yubikey to each device while logging in to your account on it.

While that is a terrible idea, keeping your master password for your password keeper written on a card in your wallet actually isn't so terrible. Humans understand how to protect physical items of value such as credit cards and identity cards. Just don't lose your wallet! (And don't put enough info on the card for anyone to know what the passphrase is used for.)

Greetings!

:) Cool.

I totally agree.

Yes, this is why having two hardware security keys is advised, so if one fails or is damaged or lost, you can use the other.

As I indicated in the video, the advice comes from Microsoft, although I agree with it and always have. How frequently would you force password changes? Every 90 days? 60? 30? 7? Regular password changes can certainly reduce the risk of stolen passwords being used, but cannot prevent it. Making sure different passwords are used for different accounts is a far better defence for most people, so that stolen e-mail/password combinations cannot be used, as is moving away from a reliance on passwords, which is the message of this video (and all good security guidance these days).

@@ExplainingComputers not blaming you, I know it’s Microsoft’s advice. 90 days is the max age for a password in my opinion (specially in a enterprise environment)

I did mention password managers in this video! :) But OK, very briefly.

@@ExplainingComputers I re-watched and you did. My apologies. I missed it the first time.