Thanks for watching!! Learn how to get the app for your devices here: www.yubico.com/products/yubico-authenticator/ Get $10 off 1x Yubikey 5 series key or $20 off of 2x Yubikey 5 series keys with coupon code 'HASHOSHI': www.yubico.com/products/yubikey-5-overview/
You always forget your phone, which you use daily for a hundred things and is usually in plain sight, but never forget your tiny little yubi key? Yeah right.
Great video 👍 I have a question about the secret code, is it the key backup or is it just a backup for the Amazon OTP in this exemple ? Edit: my bad your are explaining it at the end 😅 So I would have to save every OTP code, there is no way to have a secret phrase for the whole key ?
I had switched phones and forgot about my Google authenticator. Got wiped! Thank goodness I only had nothing vital on it otherwise I would have lost access. Thanks for bringing this up. But to pay for an authenticator? Not sure. Two authenticators for redundant backup? Not sure.
That's a big reason I love the Yubikey setup, the 2FA is no longer tied to a phone. If you lose your phone and get a new one, it's all intact. Everyone is different in what they deem to be worth it or not, but for me, buying two Yubikey 5C NFC keys for ~$110 is a no-brainer to protect my banks, crypto exchanges, and socials. That said, I recognize that is a steep price to pay even if it's one-time. Either way, if you're using anything other than SMS 2FA, you're doing better than most! Thanks, cheers!
Nice. It is making a little bit more sense to me now. Instead of on a piece of paper maybe load the authenticator app secret code and password on a secure USB drive?
Nice video overview. Unfortunately, it's difficult to use the Yubico Authenticator app if you primarily use a Chromebook. The Android app downloaded on Chromebook doesn't seem to function properly and doesn't recognize my YubiKey from the USB port. I wish there was a good solution for Chromebooks. Also, the Authenticator app on my Android phone always gives an error when trying to use NFC. So, I can really only use it by plugging a USB-C key into my phone. This all sounds like a great system in concept, but just not working well for me. Oh well.
@@pipeliner8969 I did end up emailing Yubico. Fixed the NFC problem by first adding a code onto my key using a Windows computer. If there were no codes loaded, NFC through the app didn't work. But once the first code got saved, then it became fully functional for some reason. It's a little annoying if you don't have a Windows computer handy, but at least it worked for both of my keys. As for the Chromebook, the app is just not designed to work on a Chromebook. Oh well.
It's wise to use an authenticator app or a security key but the problem is that not all site will allow users to a 2FA authenticator of their choice, let alone a 2UF security key.
Hi, Thanks for your video. Just got an NFC 5 key and loving it. Can you tell me if anyone has mentioned that the Amazon Australia pc version only has the 2SV option. There is no option to set up a security key. Thanks again for your time, John
On accounts that offer both Security Key and the Authenticator App during setup, which is better... the Yubikey itself or the Yubico Authenticator App?
I discovered that copy/paste does not work when using the 'secret' code beneath the QR code. It has to be typed manually (without any spaces). A screenshot can preserve the QR and the secret code if additional keys are needed later.
Good video, I like how you presented it. I have a request if I may ask. Is it possible to use the Yubico Authenticator for Instagram? If it is possible, can you show us how to do it for the IPhone?
Except the bank doesn't accept it .. only SMS / email or if you are lucky phone call. Or there is NO 2FA at all .. credit union. I won't mention their company names but I bet you know them both.
i would have a question in terms of the OTP code generation. does that mean i need the key for every OTP i want to generate or is that just for the initial setup? I intend to use the OTP function with a key, but i would not like it if i need to use the key everytime i just want to use a OTP when logging in somewhere. Can you shed some light of the usage as i could not find that anywhere. Thanks!
can you provide a tutorial at how to install yubico authenticator on linux, say LMDE? as due to recent windows excessive issue with privacy and telemetry, im moving away from it and using linux
oh man, I bought the blue one which does not support the phone app. 😒. why would they make one that does not support the app?! When plugging the blue key into the phone it says OATH functionality missing or disabled. What a waste.
So if the secret key comes in QR code, where is the secret key in hardware used in the process? Do you mean secret key from QR code is stored on yubikey?
Hey hasoshi..thanks for yr vids....2 questions...1) can u use yubi authenticator on desktop (linux) aswell as mobile? 2) can i use yubi authenticator without the actual yubikey? Thanks v much
Basically every comment on YT recommending an alleged expert that will help you make profit, is a SCAM. I want to wake up one morning and find out that all the scammers and bots have been eliminated from CZcams, I know it's possible if we all report them.
This stuff is all way too complicated for a lot of users, and creates all sorts of problems with accessing your own accounts. What if I lose the key? What if I don't have the key on me (you clearly have to have it on you at all times. If all I have is a phone but no tablet, laptop, or PC, how do I carry it around all the time? What if my phone is stolen, or becomes so damaged it can't be fixed?. I can think of so many issues that would lock me out of my own accounts). And what if we can't afford two yubikeys?
I'm not well versed when it comes to 2fa/encryption. My question is if a yubico key is purchased would it work on an apple phone and Android phone or would two different yubico keys be needed?
Hello, can I installed the authenticator app on a phone and a computer with the same yubikey? So I can login onto my accounts in the case my phone is gone, or login from my phone if I want to by NFC or/and inserting(touching)
Hi Danny - when you scan the QR or copy and paste the secret from the account you’re adding to Yubico Authenticator, simply tap or plug in your second key after adding it to the first and add it there too. Same process. The only change here from adding to one key is that you’re not confirming your six digit code right after scanning the QR/pasting the secret, you are doing that only after you’ve added the second key. Some also prefer to record the 2FA secret in pencil and store in a safe so they always have a backup, but that’s up to you
@@dannyleahy9165 with OATH-TOTP, you can think of the secret / QR as the private key in a sense. It’s just an algorithm that takes time and that secret and generates your 6 digit code. Same secret, same time, same code
Can we use two 2FA apps? Or does it confuse the system ? I had to get one for school and ended up using it but found better ones. So, I want to make sure it is fine to use both for same accounts?
You can use as many apps as you want, the TOTP algorithm will produce the same 6-digit code if given the same time input and secret (what you enter via QR code or manually typed)
NOTE: the more you spread out that secret the more risk you are exposing it to though, if you store it on your phone's onboard storage (Google Auth, VIP Access, etc.) and then have Yubikey and Yubico Authenticator, you are inheriting the lowest common denominator in security: the onboard storage. I'd recommend Yubico Authenticator + Yubikey every time personally :)
So I get your phone and unlock it with a four digit code and then access your email and authentication app. I have all the access I need. Your phone is the weakest link. Authentication app is pointless if just about anyone can access it on your phone
The weakest link is yourself. Security is a product of a series of choices one makes with the tools they have. You have control of your passcode and who has access to your phone, and you can set an adequately long and complex password to the key itself rendering it useless without it. If you use a 4 digit passcode and unprotected key, then yes, that’s probably unwise
Okay I just tried it 🎉🎉🎉 OMG can’t get into it without the 🔑 I’ve been using others before like google and worried you can access it on my phone but Yubico needs the key to even launch the app.
Hey Hashoshi I have spent a lot of time creating a crypto backup plan and would love to present it to you. It’s kind of intricate using 2 of 4 multisig and I want your feedback, and maybe it could help some people trying to secure their crypto. Is there a better way to share it with you than comments? Cheers
I get that you guys need to get paid for making videos, but it's hard to trust a review of something when you're being paid by the company to promote it. I miss the days when ppl would just do authentic reviews :/
DO NOT BUY THIS PRODUCT, unless you know EXACTLY how to use and install it! YUBICO provides NO SUPPORT whatsoever. Also, once you spend 50 or 60 bucks on this product, they highly recommend that you spend another 50 or 60 bucks on a spare, unless you want to be locked out of your accounts. This is called bait and switch! This is a very unscrupulous company. Recommend not doing business with them!
Thanks for watching!! Learn how to get the app for your devices here: www.yubico.com/products/yubico-authenticator/
Get $10 off 1x Yubikey 5 series key or $20 off of 2x Yubikey 5 series keys with coupon code 'HASHOSHI':
www.yubico.com/products/yubikey-5-overview/
not working
coupon code 'HASHOSHI' does not work
Temporary code, will likely have another at some point
Hi, could you give us a new coupon code pls @@Hashoshi4
Excellent presentation.
Ahh bro I’m always running or something when listening to you and forget to comment 🤷🏼♂️ great show as always, to bad I missed the sponge bob hype🤙🏻.
Hi not quite following the step of “save the secret phase on to a 2nd key”… could u advise a bit more on it?
Thanks
i have 2 and i ended up adding the code to one key. exiting the app, taping new key and rescanning.
You always forget your phone, which you use daily for a hundred things and is usually in plain sight, but never forget your tiny little yubi key? Yeah right.
Dude, put it on your keyring.
Great video 👍 I have a question about the secret code, is it the key backup or is it just a backup for the Amazon OTP in this exemple ?
Edit: my bad your are explaining it at the end 😅
So I would have to save every OTP code, there is no way to have a secret phrase for the whole key ?
I had switched phones and forgot about my Google authenticator. Got wiped! Thank goodness I only had nothing vital on it otherwise I would have lost access. Thanks for bringing this up. But to pay for an authenticator? Not sure. Two authenticators for redundant backup? Not sure.
That's a big reason I love the Yubikey setup, the 2FA is no longer tied to a phone. If you lose your phone and get a new one, it's all intact. Everyone is different in what they deem to be worth it or not, but for me, buying two Yubikey 5C NFC keys for ~$110 is a no-brainer to protect my banks, crypto exchanges, and socials.
That said, I recognize that is a steep price to pay even if it's one-time. Either way, if you're using anything other than SMS 2FA, you're doing better than most!
Thanks, cheers!
Nice. It is making a little bit more sense to me now. Instead of on a piece of paper maybe load the authenticator app secret code and password on a secure USB drive?
Nice video overview. Unfortunately, it's difficult to use the Yubico Authenticator app if you primarily use a Chromebook. The Android app downloaded on Chromebook doesn't seem to function properly and doesn't recognize my YubiKey from the USB port. I wish there was a good solution for Chromebooks. Also, the Authenticator app on my Android phone always gives an error when trying to use NFC. So, I can really only use it by plugging a USB-C key into my phone. This all sounds like a great system in concept, but just not working well for me. Oh well.
report it to the developers
@@pipeliner8969 I did end up emailing Yubico. Fixed the NFC problem by first adding a code onto my key using a Windows computer. If there were no codes loaded, NFC through the app didn't work. But once the first code got saved, then it became fully functional for some reason. It's a little annoying if you don't have a Windows computer handy, but at least it worked for both of my keys.
As for the Chromebook, the app is just not designed to work on a Chromebook. Oh well.
@@popperfrozy And they are not planning on improving this? Many schools and enterprises use Chromebooks.
@@pipeliner8969 Apparently not at this time. I agree, they really should add Chromebook compatibility. Everyone should.
@@popperfrozy I doubt they will considering Google has a 2FA module they sell. Hint, hint.
thank you, now you can explain the other APP to manage the keys: YubiKey Manager ? is confusing!
It's wise to use an authenticator app or a security key but the problem is that not all site will allow users to a 2FA authenticator of their choice, let alone a 2UF security key.
Hi, Thanks for your video. Just got an NFC 5 key and loving it. Can you tell me if anyone has mentioned that the Amazon Australia pc version only has the 2SV option. There is no option to set up a security key. Thanks again for your time, John
Great stuff, Hashoshi! 👍🏼
Splendide . Could you talk about their Password feature, instead of using Password for an example ?
On accounts that offer both Security Key and the Authenticator App during setup, which is better... the Yubikey itself or the Yubico Authenticator App?
The actual hardware Yubikey itself
@@azclaimjumper Thank you.
Thank you for sharing this info!
I discovered that copy/paste does not work when using the 'secret' code beneath the QR code. It has to be typed manually (without any spaces). A screenshot can preserve the QR and the secret code if additional keys are needed later.
You mean that tiny QR code on the key that my phone camera can’t even read.? That one..?
What happens when I get a new phone? Can I easily use my Yubikey on my new phone with the Yubico Authenticator?
Good video, I like how you presented it. I have a request if I may ask. Is it possible to use the Yubico Authenticator for Instagram? If it is possible, can you show us how to do it for the IPhone?
The app don’t work on iPhone for me I dunno why
Excellent...very informative..Thanks.
Thanks mate, it's very helpful
Great video but I am having a difficult time trying to use myYubikey NC NFC with my Pixel 7 Have some suggestions? thanks
Great video! Love this app.
Have you ever tested the Raivo Authenticator for iOS? If so, how does it compare to the Yubico Authenticator?
Except the bank doesn't accept it .. only SMS / email or if you are lucky phone call. Or there is NO 2FA at all .. credit union. I won't mention their company names but I bet you know them both.
Thanks, I was wondering about my bank or brokerage account accepting the code.
How do you add the code to the spare YubiKey
i would have a question in terms of the OTP code generation. does that mean i need the key for every OTP i want to generate or is that just for the initial setup? I intend to use the OTP function with a key, but i would not like it if i need to use the key everytime i just want to use a OTP when logging in somewhere. Can you shed some light of the usage as i could not find that anywhere. Thanks!
I believe you need the key each time. To open the Authenticator app, you have to scan the key.
Hello! I was just wondering, if you would be willing to show how to use the Yubico Authenticator App for Instagram? Just curious.
Thanks for your work!
can you provide a tutorial at how to install yubico authenticator on linux, say LMDE? as due to recent windows excessive issue with privacy and telemetry, im moving away from it and using linux
oh man, I bought the blue one which does not support the phone app. 😒. why would they make one that does not support the app?! When plugging the blue key into the phone it says OATH functionality missing or disabled. What a waste.
This is correct 100%
So if the secret key comes in QR code, where is the secret key in hardware used in the process?
Do you mean secret key from QR code is stored on yubikey?
You really know your shit! Subcribed 😄
Hey hasoshi..thanks for yr vids....2 questions...1) can u use yubi authenticator on desktop (linux) aswell as mobile? 2) can i use yubi authenticator without the actual yubikey? Thanks v much
1. Yes! Any platform where there’s an app. 99% sure there is a Linux version
2. No you need the Yubi hardware - the TOTP is calculated on board
Thanks dude👍🍻
Basically every comment on YT recommending an alleged expert that will help you make profit, is a SCAM.
I want to wake up one morning and find out that all the scammers and bots have been eliminated from CZcams, I know it's possible if we all report them.
Thanks, Thor
it's 2024 and still few banks support Yubico. So not worth it
Now I feel like drinking some Molson Canadians.
Ahhh.. hmmm. I still don't 100% understand how it works.
My sentiments.
why is it only allowed to have 32 accounts? What if I nee more?
great video
This stuff is all way too complicated for a lot of users, and creates all sorts of problems with accessing your own accounts. What if I lose the key? What if I don't have the key on me (you clearly have to have it on you at all times. If all I have is a phone but no tablet, laptop, or PC, how do I carry it around all the time? What if my phone is stolen, or becomes so damaged it can't be fixed?. I can think of so many issues that would lock me out of my own accounts). And what if we can't afford two yubikeys?
Then don’t use it. Such a stupid comment
I'm not well versed when it comes to 2fa/encryption. My question is if a yubico key is purchased would it work on an apple phone and Android phone or would two different yubico keys be needed?
If you get the 5C NFC key it will work on iPhones and Android phones that have NFC capability as well as USB-C enabled computers :)
@@Hashoshi4 thank you sir 👍🏽
How many 2FA QR secret keys can be saved in a Yubikey 5 series key?
32 IIRC
Hello, can I installed the authenticator app on a phone and a computer with the same yubikey? So I can login onto my accounts in the case my phone is gone, or login from my phone if I want to by NFC or/and inserting(touching)
Yes, there's a desktop app. When you insert your yubikey your accounts will appear.
This is awesome
Thanks Tom! cheers
Not sure I understand how to add the initial ‘seed’ code to a second, backup key.
Hi Danny - when you scan the QR or copy and paste the secret from the account you’re adding to Yubico Authenticator, simply tap or plug in your second key after adding it to the first and add it there too. Same process. The only change here from adding to one key is that you’re not confirming your six digit code right after scanning the QR/pasting the secret, you are doing that only after you’ve added the second key.
Some also prefer to record the 2FA secret in pencil and store in a safe so they always have a backup, but that’s up to you
So two different Yubikeys, with different public/private keys, will generate the same 6 digit 2FA if they both are seeded with the same ‘secret’?
@@dannyleahy9165 with OATH-TOTP, you can think of the secret / QR as the private key in a sense. It’s just an algorithm that takes time and that secret and generates your 6 digit code. Same secret, same time, same code
Can we use two 2FA apps? Or does it confuse the system ? I had to get one for school and ended up using it but found better ones. So, I want to make sure it is fine to use both for same accounts?
You can use as many apps as you want, the TOTP algorithm will produce the same 6-digit code if given the same time input and secret (what you enter via QR code or manually typed)
NOTE: the more you spread out that secret the more risk you are exposing it to though, if you store it on your phone's onboard storage (Google Auth, VIP Access, etc.) and then have Yubikey and Yubico Authenticator, you are inheriting the lowest common denominator in security: the onboard storage.
I'd recommend Yubico Authenticator + Yubikey every time personally :)
Can you get one yubikey for two people and be used for several different accounts among the two people?
Yes, you could do that. It may not be a perfect solution but it’ll work
BAD idea to have only ONE Yubikey. BAD BAD
For the same reason you'd never buy a lock that came with only one key.
Hash bringing the heat!
Thanks my friend!
So I get your phone and unlock it with a four digit code and then access your email and authentication app. I have all the access I need. Your phone is the weakest link. Authentication app is pointless if just about anyone can access it on your phone
The weakest link is yourself. Security is a product of a series of choices one makes with the tools they have. You have control of your passcode and who has access to your phone, and you can set an adequately long and complex password to the key itself rendering it useless without it. If you use a 4 digit passcode and unprotected key, then yes, that’s probably unwise
Okay I just tried it 🎉🎉🎉 OMG can’t get into it without the 🔑 I’ve been using others before like google and worried you can access it on my phone but Yubico needs the key to even launch the app.
Is it possible to use the Yubico Authenticator App for Instagram?
Yes, you can
@@josephsalim9638 May I ask how that can be done? Because I bought the key but I’m not sure how to use the Yubico Authenticator App for Instagram.
Hey Hashoshi I have spent a lot of time creating a crypto backup plan and would love to present it to you. It’s kind of intricate using 2 of 4 multisig and I want your feedback, and maybe it could help some people trying to secure their crypto. Is there a better way to share it with you than comments? Cheers
Is it free?
nice
Thanks
I get that you guys need to get paid for making videos, but it's hard to trust a review of something when you're being paid by the company to promote it. I miss the days when ppl would just do authentic reviews :/
This is not a good strategy. Please beware. I wrote a well thought out comment, along with a solution and it got deleted. Why, I have no idea!
I’d welcome any tangible reason why this isn’t effective.
Maybe CZcams doesn't allow to post links
Excellent for protect epic games account form hackers 🎉+ proton mail 😎
coupon code 'HASHOSHI' does not work
DO NOT BUY THIS PRODUCT, unless you know EXACTLY how to use and install it! YUBICO provides NO SUPPORT whatsoever. Also, once you spend 50 or 60 bucks on this product, they highly recommend that you spend another 50 or 60 bucks on a spare, unless you want to be locked out of your accounts. This is called bait and switch! This is a very unscrupulous company. Recommend not doing business with them!
Thankfully Yubico strongly recommends buying 2 Yubikeys instead of just one.
You'd never buy a physical lock that came with only ONE key.
My key was 30?