do i still need a password managet and and some othet form of 2FA too , or can i just use Yubi key for log in for email , and other sites where its accepted , im not tech savvy and get confused as to what i need for privacy and secrurity thats easy to use and impliment as i still use free gmail and i eant to switch to a paid for email for secrirty and privacy im not so much worried about goverment im more concerned about hacks , mitm and others i dont even know of lol , thanks for any info great channel i learn a lot frim you

I would be interested in using this for banking. Bank America seems to be the only banking using 2FA keys.

Yea, unfortunately banks have been slow to adopt the FIDO standard for security. It's coming, I hear!

No, it does the opposite. Absolutely nothing of substance was shown, and this whole thing feels like a corporate PR piece from a corporation desperate to try and convince you their closed-source security-through-obscurity binary blob is actually good for you.

Good joke. 404 error We can't find that page. Sorry!

or Amazon Shopping too

Works on amazon ​@@SteveHowardPhotography

Bank of America supports them.

You are so right. The fact that almost no big banks or investment companies support any 2FA beyond SMS, which is known to be vulnerable to sim card cloning attacks, is absolutely shameful. I would love to see more KZbinrs like @AllThingsSecured publicly calling out these institutions. They are failing their customers. Too often when customers are victimized they just wash their hands of it even thought they refused to provide modern methods to secure accounts like security keys. In the meantime, people need to do everything they can to protect themselves by securing all their recovery methods like their email and their phone's sim card. The banking institutions will only change when this becomes a big enough issue to be perceived as a competitive disadvantage.

It's honestly going to take government regulation to force them at this point. If they haven't done it already out of their own will...they'll never do it unless compelled.

Thanks for watching and commenting!

Glad you like them!

I’m not sure I follow. These keys also allow for NFC, which is just a tap on the phone, not plugged in, so you’re not dealing with the phone port at all.

​@@AllThingsSecuredOK, I don't actually own and use one of these keys myself. So I misunderstood whats possible. I think I have some catch-up reading to do. 😊

​@@AllThingsSecured - All these security keys can be emulated in an app like "Google Authenticatior", which essentially it does the same thing, of course it's only as secure your phone. Security keys are just a purpose build device which does one thing, and one thing only. One has to chose between the convenience of an all always on phone vs. carrying a key and plug-in/tap.

@@AllThingsSecured - All these security keys can be emulated in an app like "Google Authenticatior", which essentially it does the same thing, of course it's only as secure your phone.

@@AllThingsSecured - Security keys are just a purpose build device which does one thing, and one thing only. One has to chose between the convenience of an all always on phone vs. carrying a key and plug-in/tap.

Ha! It was actually filmed in a different month, but the weather was fantastic.

My pleasure! Glad you enjoyed it.

Yea, I don’t know why banks have been so slow to adopt a better security standard.

@@AllThingsSecured Easy. IT Support. Banks don't want to spend alot of money in IT Support for their customers with 2FA issues.

My pleasure, Charlie! Thanks for watching and commenting. 👍🏻

That’s why I have a backup. Either a second key that I store in a secure place or a backup code/phrase that I store offline.

My Q as well!

@@AllThingsSecured The downside of a second key is that some services make the last hardware key entered the primary without an option to change this to a "backup key". This is not Yubico/Yubikey related but really annoying. Some software/services are really not up to speed with using amd adopting hardware keys. Using hardware keys on a Android phone / Chromebook can be a real pain sometimes e.g. when they do not use the NFC chip but expect a physical key to be inserted. Disclaimer: I also use Yubikeys but the CEO not being able to enter their workshop does not give me less or more trust in their products. There so many options to manipulate a service/product somewhere else in the supply chain.

You’re welcome!

For me personally, I didn't always have my car keys with me until I got my Yubikey and added it to my keychain. After that, I always have it with me just in case.

@@justicefool3942 Thanks for your input. Guess I just need to decide - lanyard or keys. Thanks for your reply

@@localfixx4184 Great idea. Thanks for the tip!

Thanks for the feedback. I’ll try to do better next time 👍🏻

You can get a cheap one off of Amazon. Or just buy the correct YubiKey.

Thanks, Mikael! It was a wonderful trip.

They stole the session tokens. No two factor will prevent that. It's up to the controls of those tokens.

General advice for not just physical 2fa keys, but other critical things as well. Backups. I have 3 yubi keys, one that stays at home, one that stays at work, and one in my wallet. Once I onboard a key to an account, I also onboard the others as soon as I can. I also do not trust leaving a regular yubi key laying around, so all of my keys are the bio series which requires a fingerprint scan. Accounts that do not support more than one physical key in my mind are flawed implementations implemented by incompetent staff.

This isn't a Yubico problem, it's an industry problem. Banks have notoriously been slow to adopt higher 2FA standards and it's not that they don't accept YubiKeys, it's that they don't accept ANY 2FA keys at all. It's unfortunately and hopefully something that will change eventually. Locking down your email (Gmail, Outlook, Yahoo), your mobile device (Apple iOS, Android), your retirement accounts (Vanguard) and other such important accounts make this much more than just a good solution for a "large company". You don't have to use a YubiKey, but if you're not using 2FA of some kind, you're making a big mistake.

@@AllThingsSecured I appreciate your videos and for taking the time to reply ! I too really wish the banking industry would take security more seriously.

@@AllThingsSecured Most banks do actually support hardware tokens, it's just that you must purchase their token directly from them. Wells Fargo for example will sell you a RSA SecurID token for $25.

You always need a backup key.

Exactly. The best thing is to have a backup key. If not that, then you need to keep another kind of backup offline.

Sorry to hear that. Not sure how it has anything to do with 2FA keys, though.

@@AllThingsSecured I just wanted to reach out to you for some advice I'm only ney to computers

If you're gonna be silly on the internet, create unique email accounts for every sketchy website. Are you 12?

I'm not sure I follow the question. How is a 2FA key related to crypto?

Ha! Sorry about that.

lol idk why this made me laugh

I know, right?? Isn’t it just nuts how a security and privacy KZbinr talks SO MUCH about actual security and privacy tools like password managers, encrypted email and 2FA keys all the time?! It’s just unbelievable. I mean, you’d almost think that it’d be better for somebody who wasn’t interested in actual security and privacy to just, you know…unsubscribe 🤷‍♂️

You can use any other brand of compatible key if you want, all content about why and how to use it still apply. It's all about the chip and formfactor, not the brand.

🙌

How does that relate to 2FA security keys?

@@AllThingsSecured no technology no more tension about privacy security.

I wouldn't call it "newfangled" since the technology has been around for decades.

But…you can use them with smartphones via NFC or USB-C/Lightning port.

👍🏻👍🏻🙏🙏