Passwords are not secure, and routinely allow online accounts to get hacked. In this video we'll use a YubiKey to protect our accounts with strong FIDO2 WebAuthn (W3C Web Authentication). I'll demonstrate how this works; explaining why passwords are insecure, why YubiKeys are much safer, and how they can protect you from hackers, phishing, and man-in-the-middle attacks.
Passwordless authentication is the future and thanks to the FIDO Alliance it is gaining wider support. If you're ever wondered how it works, I'll show you.
🛒 Links to YubiKeys:
The links below are affiliate links, which means that if you make a purchase I may receive a commission. This doesn't affect the price, and helps support the channel.
As an Amazon Associate, I earn from qualifying purchases
*YubiKey* *5* *Series* *(Featured* *in* *Video)*
Supported Security Functions: WebAuthn, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F), Smart card (PIV-compatible), Yubico OTP, OATH – HOTP (Event), OATH – TOTP (Time), OpenPGP, Secure Static Passwords
➡️ USB-A + NFC: https://amzn.to/3CrYwbp
➡️ USB-C + NFC: https://amzn.to/3C5YuEN
➡️ USB-C + Lightning: https://amzn.to/3yxiVtl
*YubiKey* *5* *Nano* *Series* *(To* *Leave* *Plugged* *In)*
Supported Security Functions: WebAuthn, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F), Smart card (PIV-compatible), Yubico OTP, OATH – HOTP (Event), OATH – TOTP (Time), OpenPGP, Secure Static Passwords
➡️ USB-A: https://amzn.to/3M1UjOx
➡️ USB-C: https://amzn.to/3SohGV3
*YubiKey* *Security* *Key* *Series* *(Basic/Cheap* *Version)*
Supported Security Functions: WebAuthn, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F)
➡️ USB-A + NFC: https://amzn.to/3CqEAp5
➡️ USB-C + NFC: https://amzn.to/3M1JV9J
*YubiKey* *Bio* *Key* *Series* *(Biometric* *Version)*
Supported Security Functions: WebAuthn, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F)
➡️ USB-A: https://amzn.to/3Szai9q
➡️ USB-C: https://amzn.to/3C0Ipjp
*FIDO* *Alliance*
More information about passwordless authentication
➡️ https://fidoalliance.org/
*Works* *with* *YubiKey*
List of supported applications/services
➡️ https://www.yubico.com/works-with-yubikey/catalog
💬 *Follow* *Me*
https://twitter.com/AndrewMRQuinn
Video timestamps:
0:00 - Passwords are Bad
0:53 - The FIDO Alliance
1:18 - YubiKeys
2:09 - YubiKey/WebAuthn Demo
3:05 - How Passwords Work
5:03 - How YubiKey/WebAuthn Works
8:36 - Protection Against MitM/Phishing
10:07 - Multifactor Passwordless Authentication
12:09 - Biometric Authentication
12:38 - Limitations
14:09 - Use as a Second Factor
14:30 - What If You Lose Your YubiKey?
15:13 - Passwordless is a Journey
15:45 - Virtual/Remote Deskops
The Pro Tech Show provides tech, tips, and advice for IT Pros and decision-makers.
#CyberSecurity #FIDO #Passwordless #YubiKey #CyberSecMonth