How To Setup & Use Passkeys on Yubikey & Your Phone! - Full Walkthrough

Поделиться
HTML-код
  • Опубликовано: 4 окт 2024

Комментарии • 116

  • @PadraigDoran
    @PadraigDoran Год назад +36

    Hi Shannon and others. PayPal and eBay sites don't allow registration of a backup security key and should be called out on it. It's recommended practice to register at least 2 hardware security keys. There's already a ticket about it on PayPal community support but seems to be ignored.

    • @againstbulshit2895
      @againstbulshit2895 8 месяцев назад

      Hardware key got broken, no more access 😂

    • @PadraigDoran
      @PadraigDoran 8 месяцев назад

      Well you can have a TOTP Code as a backup authenticator so there's at least that, but would be better just to allow many physical keys @@againstbulshit2895

    • @killer2600
      @killer2600 7 месяцев назад +2

      For 2FA, on PayPal a security key IS the backup to using an authenticator app (TOTP) or vice-versa. Personally, I use the authenticator app 2FA on PayPal. Backing up the QR codes and installing them on new devices is easy and never limited by website rules or UI. I use a Yubikey for TOTP so I'm still retaining the "hardware kept secrets" aspect of a (FIDO) security key.

  • @vasiovasio
    @vasiovasio 6 месяцев назад +6

    Shannon, your enthusiasm is Contagious! Keep Going, Girl! ☺️☺️☺️

  • @lVlegabyte
    @lVlegabyte Год назад +5

    I love when you upload security videos.I actually understand them

    • @ShannonMorse
      @ShannonMorse  Год назад +1

      This is the best compliment. Thank you! I'm glad my videos are easy to understand 😁

  • @Cbat1
    @Cbat1 Год назад +5

    Hey Shannon, I really like the content you put out. It is very helpful to this old man. I’d love to see more iOS oriented content, if possible. Thanks for what you do!

  • @autobot3b5
    @autobot3b5 Год назад +2

    Awesome series! I'd love to see more about Yubikeys. They have so much more options such as using it for PGP keys, and more. I'd love to hear your option and see a walk-through tutorial.

  • @keaco73
    @keaco73 10 месяцев назад +1

    Clear as mud! Glitchy passkeys is an understatement.

  • @dimitriospapageorgiou
    @dimitriospapageorgiou Месяц назад

    I may be biased, but your hair always looks best when it has some blue or purple.
    Anyway, great video and I can totally relate to the productive feeling when securing one's accounts.
    Keep up the valuable content.
    Cheers.

  • @christopherguy1217
    @christopherguy1217 Год назад +3

    I have learned that when setting up TOTP to select the "I can't scan the QR code" option and to get the seed directly. I setup the Yubico for TOTP using the seed I input. I securely record the seed so I can repeat this on my backup Yubico as sites don't allow multiple TOTPs.

  • @radekcrlik5060
    @radekcrlik5060 11 месяцев назад +3

    Great explanation. I've started using HW keys only recently. Embarassing because I work in IT :) And I still find how it all works with all those options a bit confusing. Must be a nightmare for folks with non IT background.

    • @nadya4315
      @nadya4315 2 месяца назад

      What if I lost my passkey ? It means I wouldn’t restore access to email?

    • @radekcrlik5060
      @radekcrlik5060 2 месяца назад

      @@nadya4315 A lot of services I've used force you to use a secondary method for authentication. For example, one time codes. So you should be ok while loosing only a passkey. But true, you need to store those somewhere safe.

    • @radekcrlik5060
      @radekcrlik5060 2 месяца назад +1

      @@nadya4315 Almost every service I've used don't allow you to use only 1 method of authentication when you use this 2FA or key. So they wanted me setup a second HW key or one-time login codes or something. So if you loose your primary passkey you can still login with a second method. I hope it helps :)

  • @unmapped89361
    @unmapped89361 Год назад +12

    I like your videos, but I can hardly read what you try to show us. The text/writing is so small.

  • @piotrlapinski
    @piotrlapinski 5 месяцев назад

    I’m an owner of the 5c nfc.
    Still can’t figure out from your videos what the difference between passkeys and hardware keys is, I imagine both require sticking or tapping your Yubikey. Listening to you from Poland 🇵🇱 🎉

  • @grizfan93
    @grizfan93 Год назад +4

    How would I handle accessing an account on multiple devices? For example, if I secured my Google account with a passkey, either a Yubikey or my iPhone, how would I then log into that Google account on my smart TV or cable box for Android TV?

    • @JonTheChron
      @JonTheChron 6 месяцев назад

      From your phone as it's done now :)

  • @Darkk6969
    @Darkk6969 Год назад

    Love these videos to show how easy it is to secure those accounts Shannon. If only more websites make use of them.

  • @jeffhale1189
    @jeffhale1189 Год назад

    Thanks for sharing. I enjoy your security content. Blessings on your day.

  • @ZAKtalksTECH
    @ZAKtalksTECH Год назад

    Very helpful. Thanks for making the details simple. Shared with family.

    • @ShannonMorse
      @ShannonMorse  Год назад +1

      Glad it was helpful! Miss you! You going to CES?

    • @ZAKtalksTECH
      @ZAKtalksTECH Год назад

      @@ShannonMorse I'm still weighing costs and sponsorship. Will let you know.

  • @baby333
    @baby333 6 месяцев назад +1

    4:58 hahaha :P love when you do that
    9:20 SOOOOOOOOOOOOOOOO TRUEEEEEEEE!!!!!!! XD

  • @Cryptoscobra
    @Cryptoscobra 23 дня назад

    Is the yubiko key attached to the computer?

  • @Knards
    @Knards Год назад +1

    Shannon, I am about to upgrade one of my computers from Win 10 to 11. Will the yubikey that is registered to the 10 work on the 11? Or is that registration on the websites? Is there a need to make a short video on what to do if you upgrade or do a clean install of windows as it pertains to the current Yubikey?

  • @edvinsroze5388
    @edvinsroze5388 7 месяцев назад +1

    Hi Shannon - I just followed your instructions to add my Yubikey to eBay - awesome! HOWEVER - they do not seem to have the ability to a a backup key - any suggestions?

  • @sinusoidal100
    @sinusoidal100 5 месяцев назад

    Nice videos. I do not get the point of storing a passkey on a device that is protected by a digit PIN. So, 4 digits and you're compromised. So in this case, phone seems more secure (if it does not fallback to a PIN). Or maybe a hardware key with a fingerprint, I'll check for that.

  • @GaryEllis-b4n
    @GaryEllis-b4n 6 месяцев назад

    SEEING YOU GET SO EXCITED OVER YUBIKEYS sHannon I'll send you a couple for Christmas

    • @ShannonMorse
      @ShannonMorse  6 месяцев назад

      no need! I have too many haha

  • @ScottSugimura
    @ScottSugimura Год назад +3

    I understand Passkey is relatively new. But, if I use Passkey with a website. Shouldn’t the website let me delete my password? I’m still vulnerable if they’re hacked and my password is stolen? Correct? This assumes I’m not using 2FA. Am I missing something?

    • @Cbat1
      @Cbat1 Год назад

      I was wondering the same thing

    • @Darkk6969
      @Darkk6969 Год назад

      It depends on how they manage the security features on the website. If there is no option to disable the password best you can do is use a password manager to create a really long password and only use it as backup.

    • @portman8909
      @portman8909 7 месяцев назад +2

      U2F is still two step. They’d need both the password and key to get into the account. What’s so difficult to understand?

    • @thomaswilliams7601
      @thomaswilliams7601 Месяц назад

      Hey Scot
      I was thinking the exact same thing
      Has anyone been able to answer that issue which seems to defeat the idea of having a yubikey.

  • @kg4tri
    @kg4tri Год назад +1

    I tried to set it up on ebay but it doesn't give me the options for passkey . I set up passkeys in one Google account but it will not let me set it up on the other one on this device . phone only .

  • @ColoRadio6996
    @ColoRadio6996 Год назад

    GM Shannon, Stay Safe in Denver., J

  • @philorton1940
    @philorton1940 7 месяцев назад

    Shannon, thank you for all the good videos! I have bought 2 keys and want to 'map out' my security plan before initiating the keys. One topic I can not find information on is running multiple authenticators on the same device. Thinking about retaining my Lastpass authenticator for sites that are less critical and adding the Yubico authenticator for use with physical passkey sites where higher levels of security are needed. Do you have any information place we can research this setup? Or suggestions? Thank You....

  • @michaelekpo4011
    @michaelekpo4011 Год назад

    Excelente! Thank you Shannon for this wonderful video! Would you please do a video on Norton Power Eraser, HitmanPro, and Kaspersky? I wish to see what your opinion is using these products. Thank you once again for your informative videos!!!

  • @storkille1745
    @storkille1745 4 месяца назад

    I have hardware Security key from yubikey but I can’t seem to get iPad Pro 12.9 get to scan it with NFC. Does iPad Pro have NFC ??

  • @captgrant
    @captgrant 7 месяцев назад +1

    No option to setup FIDO key on ebay. Are they still working on it?

    • @optionstraderman
      @optionstraderman Месяц назад

      I found the same to be true. I contacted Ebay this morning and was told PASSKEYS are only available for Business Accounts and Ebay Store Accounts, not Personal Accounts. Today is Aug 10, 2024. Instead of Passkeys, I opted to use the YubiKey for 2FA Authentication in combination with the Yubico Authenticator App. Seems to work just fine.

  • @Gio-zi5lw
    @Gio-zi5lw Месяц назад

    I accidentally made my login key very long am I able to change that?

  • @Dante_Resoru
    @Dante_Resoru 7 месяцев назад

    Thats for the video, so passkey would replace the security key feature ? I now have my yubikeys setup with my google account but no passkey, this I did setup in bitwarden. One reason for that was the limit of 25 passkeys storable on yubikey itself, while I still have them set as security keys to my bitwarden account.

  • @kandjlumber
    @kandjlumber 5 месяцев назад

    I have the Yubikey 5 nfc. is this the updated version of the setup? getting kind of confused here..

  • @Rydia704
    @Rydia704 4 месяца назад

    Does the PC you hold your phone near have to have bluetooth in order to detect passkey on phone? As mine doesn't pop up with anything.

  • @thethinkingman9338
    @thethinkingman9338 3 месяца назад

    That was a clear as mud

  • @LionRoars918
    @LionRoars918 Год назад

    Love my Yubikey

  • @x91w
    @x91w 4 месяца назад

    My Yubikey only stores 5 passkeys, Token2 stores 300. Still a strange low limit

  • @davilajeremy
    @davilajeremy Год назад

    Nice work. How can you sign in via android? Any videos?

  • @JamesDLegan
    @JamesDLegan Год назад +1

    What do you do if you have forgotten the pin number? Is there a way to reset it?

    • @tcasex
      @tcasex Год назад

      The pin number on the yubikey has to be reset, therefore it will wipe the key itself of any certificates, otp, static passwords, etc that have been setup. Gotta start over at that point.

    • @BrainFester
      @BrainFester Год назад

      @@tcasexJames, have you downloaded the Yubikey Manager app from the web site?

  • @grahamarcher2729
    @grahamarcher2729 11 месяцев назад

    Hi Shannon, another great video! I've just sent off for two Yubikeys (I used your site to get a discount, thanks). Can you have the same PIN on the primary key as the spare? or wouldn't you advise this?

    • @ShannonMorse
      @ShannonMorse  11 месяцев назад +1

      You certainly can set them both up with the same PIN but I use different ones for each one. I have a memorization technique to remember each one.

  • @StephenYoung-iq7qg
    @StephenYoung-iq7qg Год назад

    Great job thanks for the info you really know you're stuff keep being you"😊 have a blessed and amazing day.🌞 👍 👍 💯

  • @paul-erikhansen5769
    @paul-erikhansen5769 Год назад

    Great video, thanks..... but I just missed the reason to buy/use Yubikey, when you might as well use ie. your mobile phone that you already have?? what are the added benefits of the Yubikey?

    • @ShannonMorse
      @ShannonMorse  Год назад +2

      Hey, check out my passkey playlist! I did a video about the pros and cons of each version

  • @elbundy99
    @elbundy99 11 месяцев назад

    Great video, but I have one question, how do I get a phone into the device list like it is shown in video at 6:51. On my iMAC I get only liste my old mobile, for my new pixel8 I have always go via the "use different phone or tablet" option. Even after going multiple times through it an tick the "remember that computer " checkbox it will not shown. When I click on manage devices button I see just my old phone in m devices and not the Pixel8 as well there is no way to add or remove a device.

  • @roymazz
    @roymazz Год назад

    There seems to be a flaw with Adobe. I registered my yubikey as a passkey, put in my PIN from the Windows Security screen, touch the "Y" and it says it was setup successfully, but when I logout and login to try it, the Windows Security screen comes up and says the security key doesn't look familiar. I've setup a passkey on other sites with no problem. Wonder if you could try Adobe and see if you get the same thing.

  • @ricp
    @ricp 2 месяца назад

    is the Biometrics route required for google accounts or could you have done it via the Yubikey instead?

    • @optionstraderman
      @optionstraderman Месяц назад

      I'm using the standard YubiKey 5 NFC key on Google using passkeys. It works just fine.

  • @janokartal5690
    @janokartal5690 Год назад

    Nice Shannon 😊

  • @OliverJonCross
    @OliverJonCross 8 месяцев назад

    On desktop Gmail asks for my username and password. I want it to use my phone and fingerprint. I click to create a passkey and I get the windows security message asking me to insert a usb key. I don't get the option to use my phone. I have 2 factor authentication via USB as well. I'm a bit confused at how to set this up and various videos always show the option to choose your phone.

  • @practicalengineer7442
    @practicalengineer7442 Год назад

    I absolutely love this video. And I love how you showed how to do this with your phone step by step. There is just 2 things though that i wanted to ask. By any chance for passkey to work does your PC have to have Bluetooth capabilities? Secondly i have a Pixel 6A and have a passkey already set up for my phone but yet everytime I try to login i never get the prompt on my phone to verify my identity. I end up having to either use my password or use the QR code everytime just to login. Do you know by any chance is this something on my end or could it be on Google's end?

    • @GrantKegley
      @GrantKegley Год назад +1

      I'm wondering the same thing regarding the Bluetooth

    • @optionstraderman
      @optionstraderman Месяц назад

      Yeah, I'm thinking that Bluetooth IS required. Unfortunately, my PC doesn't have Bluetooth, so it's a no go for using that method for me.

  • @GrueTurtle
    @GrueTurtle 11 месяцев назад

    More security or less privacy?

  • @miner3993
    @miner3993 10 месяцев назад

    Would I be about to use a Security Key C NFC The YubiKey 5 C NFC to create passkeys for my APPs and Websites? Or do I need to get The YubiKey 5 C NFC. What would be the reason way I would want to get The YubiKey 5 C NFC over the Security Key C NFC

  • @excellancy7739
    @excellancy7739 7 месяцев назад

    Most of your videos are on or about PC’s. Why don’t you do one or several on or about Yubico keys for Apple products.

    • @ShannonMorse
      @ShannonMorse  7 месяцев назад

      Most of my audience is Windows/Linux/Android and Apple videos don't get a lot of views. I also only have an iPhone, no other Mac products. I may delve into apple products more if there is enough audience base to justify the cost of the products. I would need to purchase them as apple wouldn't send them.

  • @m.b786
    @m.b786 Год назад

    passkey without GAFAM product ?

  • @God77Particle
    @God77Particle Год назад

    ❤❤have a great weekend ❤❤

  • @anonymitycoffee917
    @anonymitycoffee917 2 месяца назад

    WITCH ONE DO I BUY TO DESKTOP PC WITH USB THAT DOES HAVE USB -C ON NOT SURE WHAT I LOOKING FOR CAN I JUST HELP WITH THAT NAME OF THE LOOKING FOR TY

    • @optionstraderman
      @optionstraderman Месяц назад

      I have not seen a key that does both USB A and USB C. They are two separate keys or you can buy either one and then purchase an adapter to plug it into to switch to the other style port. I have the YubiKey 5 NFC, and I purchased an adapter to go from USB-A to USB-C. Got them on Ebay. Hope this helps.

  • @RobSnow-ui4sz
    @RobSnow-ui4sz 9 месяцев назад

    What if I change my phone service from Apple to Android or vice versa. Am I locked into that eco system? How do I port passkeys back and forth systems. I don't think it is possible. If it is do share. Also those that use public libraries computers need not apply so this creates a rift in society for those that have and those that have not. Passwords will be around for a long long time until that can be resolved.

  • @spy8464BB
    @spy8464BB 7 месяцев назад

    Hello Shannon. Please respond. I have two 5 series yubikeys and need just a little clarification. While using a 5 series yubikey is there a way to use my key with accounts like B of A..... that don't offer anything but 2FA sms? I keep hearing on other yubikey videos that the 5 series offers multiple uses. Am I missing something?
    Thanks

    • @optionstraderman
      @optionstraderman Месяц назад

      It appears it's really up to the individual businesses to decide what security they choose to make available to users. For example, in this video she setup Ebay as a PASSKEY. I went to my Ebay account to do the same and could not find anything referencing PASSKEYS for Personal Accounts. I contacted Ebay and they confirmed that PASSKEYS are only available on Business Accounts and Store Accounts. So I just used my key to login with the 2FA Authentication they have available. I suspect many companies will eventually make Passkey use available, but until they do, a Hardware physical YubiKey + Yubico Authenticator for 2FA is likely the next most secure way to protect your account. Once you have it setup this way, you may want to physically copy the QR Code Page and print it out for every account as you introduce the YubiKey as well as print out a copy of the "Backup Codes" and keep them safe just in case. Once you do that, you can remove or disable all other types of account login 2FA methods so your account becomes relatively bullet proof unless someone has your physical Yubikey in hand.

  • @AlucardFeeds
    @AlucardFeeds Год назад

    Can someone help me with passkey not saving into the same file? It keeps making new files and not syncing

  • @kg4tri
    @kg4tri Год назад

    I got a Ybikey a few months ago and set up a second Gmail account to test it out. It never asked for a pin.

    • @ShannonMorse
      @ShannonMorse  Год назад +3

      Some websites won't require the pin on your yubikey.

  • @NotMolly-jf2rh
    @NotMolly-jf2rh 8 месяцев назад

    Does yubi work with Brave?

  • @LazyJones
    @LazyJones Год назад

    Comment for engagement

  • @tenragrats1
    @tenragrats1 9 месяцев назад

    I can’t believe how confusing this is,,,,

    • @portman8909
      @portman8909 7 месяцев назад

      It’s not? It’s the easiest 2FA option

  • @djo5296
    @djo5296 Год назад

    firefox pls update yourself ; __ ;