Here's Why I Moved to Security Keys for 2FA

I ditched TOTP for security keys on accounts that supported it - here's why, and what they're like for privacy & security! (Kind of a Yubikey Review...sorry Yubico!)

We cannot provide our content without our Patrons, huge thanks to:
BRIGHTSIDE, Clark, Ente, Larry, Afonso, Boori, Brad, Casper, Cookie, Floyd, JohnnyO, kevin, love your content, NotSure, Poaclu, x

0:00 Intro to 2FA
0:47 Problems with various 2FA methods
2:09 Reviewing security keys against other 2FA methods
3:41 Limitations of security keys
5:13 Summarizing why I switched
#2fa #yubikey #techlore
Comments

Really funny because 'U2F' is one of those words you only read and never have to say - well I just consistently said it wrong the whole video :P Enjoy the review/coverage!

techlore

Absolutely love security keys and the peace of mind they provide. However it baffles me that every bank I have only allows SMS verification 😒

tATuCentral

I appreciate the usage of the term “hardware key” all over this video instead of saying a singular brand like many do.

gotoastal

well u2f is so expensive so aegis 2fa is still a chad for security

zrden_

I bought 2 Security Yubikeys, because they fit my threat model. I still struggle with the "management" part but I'll get there, it's just a matter of finding the more intuitive arrangement, but overall I like this solution a lot. The irony is the few services I use that accept hardware keys are the (only) ones that accept TOTP. It's all or nothing, so I've decided, whenever it's possible, to delete accounts or services that don't offer at least SMS 2FA.
Thanks a lot for your video, and all your work :)

lexshizumdot

This is a great video. I was not fully aware of how U2F/Hardware keys work. After watching this, I would seriously start considering them. Thank you!

redeyesdrogon

I wish their keys were made of durable materials or that they were honest with clients and tell them: “don’t store these with your keys in your pocket”

hugoedelarosa

Yubikey has a 2fa app. The info is kept on the key. If someone can open the app they will find nothing.

penultimatename

U2f is nice, but personally I would only recommend it for business, including working for yourself. TOTP is frankly more than enough.

mukkaar

4:53 limitation #3, this is the main reason why I haven’t switched to these. I’m thinking of the disaster scenario where my house (and Yubikey) gets destroyed in a tornado. Keeping a backup key at a friend’s house isn’t a good idea because that would require having a friend, you’d have to retrieve it every time you update or create a new credential, and what if the tornado hits his house too? I’ve set up as many of my credentials using zero trust, like my password manager. So if I lose the password or 2FA there’s no way the service can let me back in. Having a weaker backup authentication method defeats the purpose of using the Yubikey in the 1st place. So, I’ve stuck with TOTP codes that I have encrypted backups of in the cloud. If an asteroid destroys my house and the cloud, then I’ve got bigger problems.

notreallyme

Henry, you are GREAT at this. Thanks for this helpful info. I look forward to your review(s) of the open source alternatives to Yubikeys.

galaxytrio

Biggest obstacle is that it's not widely available in most of the countries! Moreover, govt. in those places can ask operators to share SMS or force you legally to unlock your phone :)

ooooOoooo

You should do a yubikey guide, it's a pain in the ass to understand everything about it, just open the Manager (PIV, FIDO, OTP) pin, passwords and open the Auth App more stuff, it's a mess!!! understand the two yubikey apps. This video is useless until you explain all that showing those two apps.

JohnSmith-zlrz

I have 2 yubikeys, best 80 bucks I ever spent.

sammydepresso

People with security keys: "Wow look at me, my security is impenetrable!"
People with fingers: "yoink that real quick thanks"

capn

Switching off a phone entirely for a year has been difficult. Arguing with the bank to remove the cell number they have on my account or disable 2fa and they just wouldn't and ultimately left with just freezing the account entirely.

Pewafamath

Great video. I use mine with my password manager Bitwarden. I wish financial institutions (i.e. banks, credit card companies) support hardware 2FA.

manny

Great video like always. I’m looking forward to the reviews on the other hardware keys

Torpps

Yeah, Laptops should put more than 3 USB ports!
Less than 3 is just embarrassing

myentertainment

You don't need to plug them in. You can use NFC on some models

alicethegrinsecatz