Links mentioned:Go to my link, yubi.co/shannon-2024 to automatically get $5 off a Yubikey 5 NFC and start securing your accounts today! Where to find key covers: www.etsy.com/search?q=yubikey holder&ref=auto-1&as_prefix=yubikey amzn.to/440gbD0 Design info: www.yubico.com/blog/why-we-designed-the-yubikey-the-way-we-did/ My 2FA Playlist kzbin.info/aero/PLeYHKbaShxTE4NCIUP88sEZmW0NgPORSB&si=flzjgeDw4Pv5AQqK

I have a USB-A Neo version from 2012 on my car keychain with a bunch of other keys. Carried in my jeans, dumped in the centre car console, exposed USB-A pins and all. Still working fine with daily use. Basically bomb proof. They don’t need to be coddled

I have 2 Yubikey 5 NFC keys and am so happy with them. They are worth the money and security.

I appreciate that your explanations are always thorough. The house key/locksmith example to explain the concept of security key management is great!

Thank you for answering these questions! I've been searching for answers to this stuff but all the videos i've seen are the basic tutorials and why you should use them. This was great.

Thanks for this video! The Yubikey I have on my key chain I use a Keyport Pivot 2.0 to protect it from being damaged. Works pretty well.

I recently bought a set of 5 NFC yubikeys. This video series has been very helpful. Thanks Shannon!

Great video, Shannon. I do enjoy this series. @6:03 that jeans pocket was designed for a pocket watch.

Thanks for sharing. Blessings on your day.

Ahhh, my trusty Yubikey! At my side each and every day!

Thank you Shannon

Forcing re-auth should be a personal choice. As Shannon says, your life is yours to design for your personal security. What I didn't hear Shannon say, if you're being forced to re-auth each time with a password, look for the "skip password when possible setting in security settings", and/or make sure that you're allowing that site to store cookie data on your device/browser. (I'm not making recommendations, just troubleshooting.) Great vid as always, Shannon!

One thing I think people really have to do is set a PIN on the YubiKey. If it is lost or stolen it adds another hurdle to authenticating with your hardware token.

Thanks for the videos. They are very informative. If my wife and I each have a Yubikey, can we share a third one as a backup just in case one of the primary keys is lost? We share our bank accounts anyway. We have different login ID to every site.

Thank You Shannon! Another great video! I wish more websites offered Yubi key. I am sick of being hacked!

Id like to see you do a video about tracking while you are in your car and what if anything you can do to either stop this or reduce it.

I've been carrying around one of my YubiKeys on my keychain since 2016 and have never had a problem with it. No cover or protection on it, it's banged up and the plastic has some scrapes on it but absolutely no issues with it not working. (I *am* currently replacing them with new ones, just in case since they are almost ten years old...)

Why doesn't the banking industry support these more widely? I checked to see if any of my banks were listed on the Yubico website and they weren't. Not even a large bank like Chase was listed. I know that the financial industry is slow to adopt tech but come on, it's 2025!

I keep hearing passkeys don't require a password but I see most implementations require a pin code, which is something you still have to know and type. Is this an optional layer of security?

5:32 So USB-C isn't durable for a hardware security token? An additional layer of damage protection for the HW is required? My "old" USB-A token (5th gen USB-+NFC) has been serving me well in my pocket on my keyring (with change, and all the other stuff that trouser pockets endure).. I think that the Lightning key is as hardy, but I really never thought of the "delicate" USB-C connectors being a problem, but they obviously are. Thanks for the heads up, sticking to hardier USB-A tokens in the future.

Thanks so much Shannon! I'm about to buy my 1st Yubikey 5, but before knowing which one to buy, I have a last question. I have Macbook Pro with 2xUSB C ports. Most of the time for my daily work use, I have an USB C dongle plugged to one of the USB C ports and my charger cable on the other port. So i'm wondering if using a Yubikey 5 with USB C or USB A (connected to the dongle) would work or not. Hopefully someone could do a test for me and let me know.

I accidentally put my 5C nano in the washing machine (it was in my pocket) and then it went through TWO dry cycles until my wife found it getting the next load from the dryer. Works fine, no issues. Not recommended, but these things are tough.

can we use the backup codes to login on a new device ?

I understand the premise of asking an out of state friend/family to store a backup, but how do you update it when you add new accounts? Sounds like a burden on whoever is storing the backup if they need to send it back to me once in a while

I have had a usb-c nfc on my keychain with a bunch of keys for years, no protection at all. It has always worked flawlessly durability is not a significant concern.

Interesting about the cases for the yubikey, I always keep my main one (5C NFC) on my keychain with one of those little lanyard things. On the same keychain, I have a flash drive (also with a lanyard) with my house keys. These come with me daily, multiple times a day too since the dog demands her walks! 😂 I haven't had any issues though I do keep a spare in a safe just in case I do ever destroy/lose it. I did start to get chipped corners before the 5 series but it still worked and obviously eventually replaced it when the 5 series was released.

A good tip is if you have multiple keys, take some nail polish or mark them some way to differentiate between them. I put some dots in different colors, and name the keys after the colors. So if I have a red key and a green key, and I lost my green key, I can go into the website and delete that green key. Also, to correct a misunderstanding out there - these 'touch to activate' they don't use your fingerprint, they don't store your fingerprint, it's just like pressing a button. Just in case some website randomly asks you for your key, and you're not setting up authentication, that you don't touch it and cancel the prompt.

I have a question, should I be putting my spare keys in a faraday/emp bag? Or would they be A. “Protected” already or B. For some reason be damaged by being in one of those bags

On installing yubico key a message flashed up handshake was captured. Is that normal? Thanks Shannon 👍

Nice one 😊

Hi Shannon, on installing a Yubico key, a message flashed up on screen. Handshake was captured. Is that normal ?

What about the yubikey static password options, I type in a password then add the static password to the end so its less shoulder surfing vulnerable + it adds 32 extra characters to my memorized password.

With passkeys being accepted so widely now, is it worth a non celebrity to purchase a $50 more more hardware 2fa key?

Why do google need to see the make and model of the key? Is there any way to bypass this on Windows? My friend on Linux could just select "no" and still get the key working.

What if someone has your yubikey and they have their own which is managed on their own yubikey app on windows and they plug yours in. They will still see the websites you log into and will only need the user and pass right (assuming you didnt put an additional 6 digit code everytime you use yours)?

Hi, trying to buy 2 usb c keys but the system only applies the coupon to the usb a key, is that normal? do you have a link for usb c keys?

Can you use then if you run linux os?

I've had my google fido1 on my keychain for 4 years. NFC still works but usb stopped working after 2 years. It's not detected when I plug it in a computer...

Can you answer this question please.. If I'm using Bitwarden, and have 2FA running on it too, but only way to access my Bitwarden is having my yubikey, is this safe? Or do you recommend not having 2FA's on Bitwarden in general?

Some websites still only accept one phone with a camera (biomatric) to create PassKeys and no secondary Passkeys allowed. The problem is that I could not trust a phone as much as a hardware key. The waiting is just too long.

coupon code not working on site

This may be a daft question, I recently got 2 yubikeys. I attempted to connect them to one of my gmail accounts. I ran into a problem where it didnt matter which key I used first it would then tell me I could not assign a key meaning I could never set up a backup key. I ended up deleting the key that I had set up as I didnt want to risk being locked out if I lost this ne key. Is this something you can advise on?

2 problems with the yubikey. 1: flat contact area .I have had usb with flat contact area and they don't always make contact.2: Why doesn't the contact area retract back in like some usb key do.

Great video Shannon! Quick question: How does having your Yubico key scanned with x-ray while going through a security check at the airport affect the functionality of your 2fa key?

Oh and add a magnetic USB break adapter and run buskill with a lanyard around wrist like a jetski kill leash, autolock!

Ok, you convinced me, but I want to use the $5 discount, but will not let me get the YubiKey 5C NFC 😞

My question is, how likely is it that people can spoof yubikeys?

Wait if I get my new Yubikey, can my account be inked to 2 seperate keys?!

When will the ability to use Yubico instead of fingerprint or pin unlock the phone? It would have been something.

They're fine on a keychain... it's pretty much all covered (injection molded) in plastic... you are more likely to loose it if you keep it in a case separately.

I find the keys quite expensive (even with the discount), especially considering you advise people to buy 2. And perhaps yubico should provide a multi pack. (2 for 90 or something like that)

3:30 A one time purchase, apart from everyone recommending you buy 2 of them.

I have three Yubikeys. Occasionally I will misplace one...or maybe leave it at a friends house. I get real uncomfortable taking my only key out of the house when that happens. I've never lost one. The thought of being down to one key makes me uncomfortable. I don't like to set up codes as a backup if I don't have to. It is one more way for hackers to try and get in. I like just one way in.

I went to login to KZbin in my Tesla vehicle, on built-in screen. It asked for my YubiKey and I was like YIKES!, but after reading the screen more, I saw if I canceled I could choose another option to authenticate and thankfully I had also enabled my 2FA authenticator. So in some cases you may find the device won't accept a Yubikey. The Tesla may accept a Yubikey as there are USB ports, but I wasn't sure that would work, so I was glad I had enabled a second 2/M FA option. Anyone know if you can use a Yubikey to authenticate to Google in a Tesla?

I like to name my keys and label them so I can tell which key might have been lost and which keys need to be added to an account. Otherwise it get's tricky fast.

Wow they have been around for over a decade and doesn't come with a cover to avoid dust/damage 🤨

Security say's aaaah. Everyday😂😂😂😅

9:34 that sounds like a huge pain

I am new to security keys. I like them a lot, but there are two things people must understand. One, you need to make sure you think about OTHER 2FA’s. If you leave phones, emails, passkeys, or biometrics turned on, then you and hackers can still go around your security key. You need to turn that stuff off or remove it if you want to go all in on security keys. Two, just because a particular company allows keys for their website does not mean they also allow them for their app. Vanguard is one such company. Even you opt not to use the app, a hacker can still get in if they figure out your password and your security question (Assuming you leave 2FA by cell phone or email turned off). Don’t get me wrong, this is good, but it’s not on the same level as a security key. This oversight does not speak well of the company, but aside from that, it is important you check both websites and apps to make sure they are both work.

I heard the username as " At Nip Dawg" hahaa

I love the whole concept of a security key, but the sites that I care about just don't support them. Lack of support by important services such as financial are the real problem. Showing us how wonderful they are doesn't seem to be moving the needle. Sad.

When is someone going to make a wearable ring that operates like a yubikey, and is usable for U2F authentication? I want one, but all the smart rings either require charging, or can't do U2F

I wasn’t signing into a new device I had purchased 100 and $200 at least on three UB keys. Nobody gives the barn and I had to change my 20 year banking routing and account you know and now you’re saying all I need is one key I have never heard that but then again Iwatch pay it forward and generally their spot on two keys is a mandatory and I’m speechless

Definitely not ready for general public....

Snubbs, why are Yubikeys so poorly packaged with how to instructions. No mention of setting master codes that need to be shared across backup keys.

booorrrinnngggg

Yubi key is a fail

Everything you’re saying makes no sense to me bought the keys so I would feel safe and secure because I don’t trust technology. PERIOD I had three and still I can’t get into anything. It’s like they don’t know who the hell I am this really stinks and, Apple gave me a password for Apple for Google and it goes back like I don’t want 2008. I have 1000 songs on that devices and apples asking me if I have two Apple IDs I don’t they think I purchased I never knew iCloud turned into iTunes turned into Apple ID, my husband passed so nobody kept me up 2-date you can’t even respond to me because that is an old Google account from 2010 or even before then because Facebook everything I was going to just keep everything Apple and start face start everything third-party over again. Will Apple premier one that’s part of three party is really not helping people that need help, and I say that and all sincerity

Shannon, I found that you were shouting in this video whereas your other videos were a lot more mellow. I'll be honest, I didn't enjoy this video because it felt like you were talking at me and not to me. Just some feedback. Cheers.

Ubi keys are a waste of time, just above in linux on a device and use one password.