Me neither. It does makes loads of sense when thinking about the well presented explanations living in this channel.

Same here

Thanks for saying that! :)

Yes, and with really intelligent and poignant questions 😉

Thanks!

MitID requires no code, right? Seems less secure...

@@designtechdk Your code is generated on the fly and only lasts for like 2 minutes to type it in.

@@TrashskillsRS What i meant to say was "password", like with NemID you enter your personal password first and then confirm with either the app or keycard. So isn't MitID one-factor-authentication whereas NemID is two-factor-authentication?

@@designtechdk Dont you need to authenticate to enter your app?

@@TrashskillsRS Which app? I don't have MitID yet, but my NemID app is locked by a pin/biometrics

Lego for sure :).

LEGO, and unlike IKEA, you can take it apart again.

@@mikkelnpetersen well, It's always possible to take IKEA Furniture apart again. It's the reassembly that will be difficult...

The advantage of not giving the Lego’s better ID ( speaking of Nem ID ) is probably you can use them to build what ever you like. If some had different coloured spikes it would be visible if you choose to build something else.

Interesting, I wondered why they had used a lot of money on changing the name.

You are completely wrong on this. Nets also has developed MitID for Digitaliseringsstyrelsen - they of course in styrelsen have required a secure setup for the development of this etc. Its irrelevant who owns Nets (currently owned by Italian company Nexi).

Yezz,totally irrelevant,could be owned by Sicilian mobfamily,totally not relevantio!

Ha, not easy, but for how I just come up with new KZbin ideas :).

Yaeh i don't like the passport thing because i don't have one and the other thing i don't like is the phone thing... I don't mix My bank stuff with my Phone...

Yeah, I'm unable to upgrade to MitNem due to not having a Passport or a Driver's License. Absolute nonsense!

@@Nico-zw9ud If you haven't got the proper documentation you cannot upgrade to mitID yourself, however, you can always go to Borgerservice and let them do the identification.

I don't know about problems that competing solutions have solved better. Security will always be a bit annoying if done properly. You can make things easier and that seem to be the MitID selling point. I worry that it will be less secure. They already blundered by trusting the MitID app with too much of the security and a decentralized app like that will be a target that did not really exist with NemID. You had to make an active insecure choice with NemID to make it vulnerable. An app might be hacked without that choice. Furthermore being secretive about security is not the way that has proved to be most secure. The most secure solutions are always open about how they handle their security so they can get feedback if they blunder. Just the knowledge that this could happen encourage more secure solutions. It's too easy to rely on the secrecy as part of your security and introduce a vulnerability that way. The closed source secretive solutions feel intuitive but the most secure options are open source.

@@maxfriis The point of better useability is precisely to make things easier. With NemID you often have to enter your password into mobile devices for instance. This is bad useability. With Mit ID this will hopefully be much reduced. I honestly have no clue about the security of MitID. But I have read the newspapers and feel a bit worried. On the other hand, I know that the security people at Nets are very good indeed. They are not going to miss anything obvious.

@@mvoetmann1 Fair enough and good point about usability being a part of security. The bottom line is that we do not have sufficient information to continue this debate. I'm skeptical about the new unknown solution and you trust they will handle it professionally and well. That is fine and I really hope you are right.

Creating a security product which is to be used by the masses will always have trade-offs. If you wish to make something truly secure, the convinience of use will usually suffer. For instance, you can't expect the average citizen to be able to remember unique passwords containing more than 8 characters. So trade-offs in the level of security has to happen for a security product to achieve a high degree a convinience and usability.

@@pHD77 quite. But every so often you can, by being very clever and stealing ideas from others, increase useability without significant sacrifice of security. Also, technologies sometimes march in unexpected directions, forcing you to rethink your product. MitID has a number of such innovations. For instance, it supports U2F tokens, and has been designed with mobile devices in mind, which NemID was not.

Thanks! I believe you can get a key fob if you feel the phone app isn’t secure enough, that would simulate the physical card like with NemID. I also think setting a user ID yourself is more secure than a CPR, which MitID requires.

@@TravelinYoung thanks for your reply. Yes, that would be a good solution. I am waiting to be told when it is my turn to make the change, so actually I am only just starting to look into it more in depth now, with your video as my starting point. I must say, what a great video and great channel you have. I've been following your channel for a few months now. It's good, it really is. Have a great day!

We can’t vote yet so we hadn’t planned to.

@@TravelinYoungTypical! 😂😂😂

@@TravelinYoung As a non-EU foreigner, you can vote for municipal and regional elections (like the one we just had) when you have lived here for four years (without interruption). You cannot vote for parliamentary elections until you become a Danish citizen.

@@TravelinYoung Good wait to I run for mayor 😂

Yes I know, but we haven't been here 4 years yet.

Sweet!! Super cool.

@@TravelinYoung hope you read my edit 😁

@@MostlyDrones cool, just saw it! Perhaps, I’m sure we could come up with some stuff down the line :).

Haha, it took a day off :).

It exists? Or is it your idea 💡 for improvement?

I don’t think so, but my phone is physical and I probably treat it better than I do our dog brisket :). Getting into someone’s phone often means access to personal email, messaging, financial accounts, etc. So I don’t mind having my phone be the physical component of the 2 factor authentication as I would keep it closer to me than a code card or key fob.

Yaeh i don't like the idea of using my Phone for My bank stuff... It can be stolen... Break down and a lot of other things...

@hmmm - I feel the same way. The one and ONLY reason I have the app is because I couldn't pay for airplane tickets otherwise. I don't use my phone for my banking needs.

I still use NemID some places so probably best to have both.

I just like keeping people on their toes :).

I agree. And there's another huge issue that I haven't heard that many talk about. The fact that they are now moving the username into the "do not tell to other people" space, will end up being a potential problem for other non-MitID related services. For years now we've been teaching people to keep their passwords secret. You should NEVER give your password to anyone, ever. But usernames are often asked for over the phone to reset a work account or other similar maintenance tasks. This is normal, and acceptable - as long as the password is kept secret. But as MitID is now putting that into question, the users will not know what to believe. Since MitID will be such a widely used service we will probably see an uptick in confused employees thinking they should no longer tell the administrator their username so they can get their Citrix account serviced / restarted. It skews the whole username vs password security convention that we have worked so long to establish. Username ok to tell, password NOT ok to tell. Now suddenly usernames are secret too? But only some places. Then what places? Only MitID? Or maybe also other places? Users will probably get confused about this and scammers might benefit from it. It won't take a lot of convincing to scam elderly people into thinking that telling their password is now ok, since it's now the username that's secret. All they have to do is point to MitID and say "That's how it is now".

That’s exactly what I thought too. I liked the fact that NemID was awkward and a hassle for anyone wanting to steal or break your codes. MitID does appear at least to be too simple for theft etc.

You can have same login security with MitID if you wish by using a key fob. And your CPR isn’t a very secure login, much better to set a UserID yourself, which you do with MitID. A lot of the security improvements are less on how you login and more with how the data moves through the backend as it authenticates a user.

@@TravelinYoung Partly true, but the problem is that 95% would use the same userid they use for all other online logins, and use a userid that is based on something personal and depending on the online service you use your userid might even be publicly visible to everyone else on that service. Making that type of userid even more unsecure than the CPR

@@CyberonDK any suggestions?

@@ajwasp never use the same userid, and never use elements in them that you repeat from other userids. The problem would eventually be to remember the userid no matter what you do, this is would eventually led you to store it somewhere unsafe to be able to find it if you forget. I guess the only truly secure would be biometrics.

The point of it no longer being a piece of paper, is that people can't be fooled into copying it and sending that to bad actors.

@@bzdtemp Thank you captain obvious. My point is they could have made it credit card sized which is more practical, especially for those of us who carry credit card only wallets.

@@_-martin-_ Come on, like you are even gonna use anything but the app anyway. The key token will only be something few people will acquire use and I would assume, that many will be liking that it fits well on a key chain which something credit card sized won't. Also personally I have never seen a key token that is credit card shaped, seems to me they would likely be more fragile than the usual ones.

Haha, it wasn’t a hat day, but it was back in today’s video :).

@@TravelinYoung I saw it yesterday. Thanks for some great videos that I am in the process of watching. You are such a lovely family and your parents look so kind. I promise you will be allowed to keep your hat on if you and your family visit me, my husband and our two dogs and a single cat.😄 🇩🇰 🇩🇰 🇩🇰

Haha, thanks! My hat is still around, it will come and go depending on the topic or day :).

NemID already had problems where people logged on at a library wifi,

Mener man stadig kan undgå NemID/MitID..er det usandt?

@@sole129 jeg ved det faktisk ikke. Man kan få fysisk post men undgå Nem-ID er nok svært. Jeg tør ikke sige det.

@@sole129 Man kan fravælge e-boks og stadig få tilsendt dokumenter fysisk til sin postkasse.

@@pHD77 Tak for det:) Men eboks er selvfølgelig ikke det hele og jeg har forståelse for at nogle finder hele konceptet svært.

The only thing that makes it more secure is that you are not flashing your CPR number, and they are not storing your CPR number with the MitID either. So you have next to no chance of having your identity stolen by hackers attacking the servers. If someone steals your phone and can go into the app, then you are not secured at all. The main advantage is that MitID complies with EU regulation. NemID does not comply with current regulation.

@@TrashskillsRS - Aaah, well hackers can't use a CPR number for shit in reality. It's a crime for a business to let a customer identify themselves only with a CPR number, as far as I'm aware. And they have to prove that it was indeed you who engaged them in a deal. If you know someone's birthday, it's pretty easy to just go through the last four digits with brute force.

To add to that, and if you then give out some "rules" on how to create a unique id, you then have given the hacker a way to figure out what the most likely userid would be. Remember that the author of the password rules Bill Burr actually regrets making them, because it turns out that they cause even more unsecure passwords to be made.

Agreed. This must be a misunderstanding. User ids are not meant to be secret, so there should be no element of security there.

You can go to borgerservice and do it in person. I do not have a danish passport either and I changed without a problem.

Not yet, you have to be here 4 years.

Sucks, compare to what? America

@@3goldfinger bad treatment of patient, because of bad money management in our state

@@jonas3619 What do you mean by "our state"?

@@3goldfinger Denmark/government