Up next in 10
So you think you're good at choosing passwords? But do you really want to trust the security of all your online accounts to a dozen letters and digits? That's why 2-factor authentication is good, and it doesn't get better than a FIDO2 security key. Enter the remarkably affordable GoTrust Idem Key, supporting both FIDO2 and FIDO U2F.
Tech expert Dave Taylor of https://www.AskDaveTaylor.com/ explains why it's a great upgrade to your online account security and demonstrates its use both on a Mac system and a Windows computer. Learn how he set up his Twitter account to support FIDO U2F with the Idem Key too:
https://www.askdavetaylor.com/configure-require-security-key-for-twitter-account-login/
Check out the GoTrust Idem Key on Amazon: https://amzn.to/2wO880t
Show More Show Less View Video Transcript
0:00
Can this tiny device improve your online security
0:03
Let's check it out. Dave Taylor here and I'm looking at this
0:14
This tiny little device is actually a pretty sophisticated piece of electronics
0:18
This is the GoTrust iDemKey and it is a FastID Online or FIDO device
0:27
So it supports FIDO2 or FIDO U2F and U2F is Universal Two-Factor
0:34
So when you've read me writing and you've heard me talk about two-factor authentication
0:39
number one, always enable that on every possible site you can. It makes it more secure
0:45
But this is a very special kind of two-factor authentication device because it's standalone and you look at it and you think
0:52
so what, does this send a secret code or something? And the answer is yes, but it's a public key encryption device
0:59
So what happens is that every time you go to log in
1:03
the site you're logging into challenges this device by sending a sequence
1:09
and then using public key encryption or cryptography, this generates a unique response based on that challenge
1:17
And if both of those match, then you log in. If they don't match, you don't. Easy enough
1:23
Now, why is all this so important? Well, it's important because your password alone is not enough to keep you secure
1:30
Now, let's imagine you're traveling somewhere and you need to stop by an Internet cafe
1:34
and log into your Dropbox or maybe your Facebook or your Twitter account or something
1:42
Now, you log in, everything works fine, but if you just use a password
1:47
then you might not realize someone has just actually logged your account and password pair
1:52
There's a lot of ways you can do that. You can install software if you have access to the computer
1:57
You can install a little gizmo between the computer and the keyboard if it's a remote keyboard
2:03
There's a lot of ways people can capture that data. They can even just sniff the Wi-Fi network, right
2:09
But what if I told you I could give you my password and you still can't log in
2:14
That's the magic of two-factor authentication. Now, a lot of people use it with their smartphones and that works fine
2:20
but what if your smartphone's not available? What if there's no Wi-Fi? What if there's no cellular signal and you're somewhere where you just have a hardwired computer and connection
2:29
So, that's really where these come in really handy and this is what a lot of corporations use
2:35
In fact, the U.S. government uses a key almost identical to this
2:40
same basic technology with FIDO2 and FIDO U2F, right? So, let's talk about FIDO-enabled services
2:49
Now, what you can't do, and this is something that's important because people don't realize this
2:53
is you can't use this to log into a PC or a Mac or a Linux machine
2:58
That's not its purpose. Its purpose is to help you with more secure online systems
3:04
So, Google, Dropbox, Facebook, Microsoft, GitHub, Twitter, all of those support. And you can just do a quick search as FIDO2, the digit two
3:14
and just look to see if your favorite online services support this
3:18
Really cool, right? So, all you need to do is put this on your keychain
3:22
It is water and weather resistant and tamper-proof, so no one can pop it open and steal your secret passcode or anything
3:30
because a public key encryption system starts with a private key, which is stored on this thing
3:36
That's also why someone else can't take a different key and log in pretending to be you
3:41
It's tied to your specific device. Now, in terms of actually having it work
3:47
it actually works with Mac and Windows and Android and iOS in different ways
3:54
and you can get it to work on Linux. You might have to install some software
3:58
Mostly, it's web browsers that support this U2F or FIDO, you know, U2F system
4:05
and I'll show you on both Windows and Mac how this works
4:09
It's actually pretty cool, but you don't have to install anything, and that's super important because, again
4:15
if I'm on the road and I go into an internet cafe or a library
4:19
and they have hardwired old-school PCs, when I go to log in, I don't know what the heck's running on that computer
4:26
Do I really trust the librarians to be tech experts and be able to foil every possible hacker who's out there
4:33
They're really good at their job. I'm not sure that's part of it. So, I'd rather have my own security system
4:39
and that's where something like this can be great. So, I can go to a stock Windows or Mac system
4:45
go to log in to a service like Twitter, which is what we're going to use for the demo
4:49
and have this make sure that even if someone steals my password
4:53
they're still not going to come back in half an hour and log in as me, change the password, and then take over my account
4:59
That would not be good. So, let's do the demo. I'm going to start with Mac, because on the Mac, it's much easier to do a screen capture
5:06
So, I'm going to get my Mac fired up, and I'm going to actually get this thing recording
5:14
So, here I am at Twitter.com, and I'm going to go ahead and log in
5:18
Now, I have a couple of different accounts. I'm going to use one called FilmBuzz
5:22
and this has a pretty complicated password, so bear with me while I type it in
5:28
It is not something that is easily guessed, and it's so complex, I don't remember it
5:34
But that's the point. So, I'm going to log in, but now, instead of it saying
5:39
you're good to go, it now says, hey, you need to enter your security key
5:44
So, I'm going to do that, and I'm going to just put the key into one of the ports on the Mac
5:49
and then you have to touch the little circular sensor. It sends the challenge
5:54
It responds. I'm logged in. We're done. That's it. It's actually not very hard to work with
6:00
and the only thing I will mention is that, because on this particular MacBook, it's only USB-C
6:06
I had to use a USB-C adapter, so the actual Go Trust iDemKey is just USB-3
6:14
which is that rectangular connection. Slightly tedious. I can only assume they're going to come out with one that's USB-C
6:21
or maybe USB-3 on one side, USB-C on the other. That'd be kind of cool, right
6:26
So, now, let's do the same thing on my Windows computer. So, this is Windows 10 on a little Dell laptop
6:32
and I can't capture the screen, but what I can do is, when I get to just the right point
6:37
I will spin the screen around, and hopefully you'll be able to see what's going on
6:41
So, here I am, and so I was just using Safari, and now what I'm going to do is
6:50
I'm going to use Chrome, assuming I get this to work correctly
6:54
Let's see. So, here we are on Chrome, and it's the same thing
6:59
So, it's time for me to log in. I know there's a lot of glare there
7:03
It's time for me to log in, so I'm going to type in my login and my password, and then I'll show you what's going on
7:08
with how that security key works. And, again, it's a fairly complicated password
7:13
so bear with me. What is probably impossible is for me to actually talk
7:20
while I type it in. So, let's see. I typed it in, so..
7:27
I think I typed it in correctly. I'm going to press Enter
7:31
Okay, and now it says, Log in with security key, and then you can see in the center
7:38
that the operating system itself has put up a prompt. I think that's actually via Chrome
7:43
and it's basically saying, Put in your security key and activate it
7:47
and we'll be good to go. So, I'm going to put it in, and that should be enough
7:52
but it's flashing, and there's a sensor, so you touch that. It's not a fingerprint sensor
7:58
but it then says, Go, work. And you can see, boom, I'm already logged in
8:03
How easy is that? And, again, there's no software I had to install
8:07
It's just this little device, and all of these systems support it
8:11
So cool. So, a tiny bit more, and then I'm just going to tell you the price
8:15
because this is a really cool and remarkably affordable way to make sure you have better off-site security
8:21
and I know a lot of companies, and a lot of Fortune 500 companies
8:25
that use just these sort of things that they issue to employees and say
8:29
Every time you're off-site and you want to log in, whether you're at a customer facility
8:34
whether you're at a Wi-Fi cafe, whether you're at home, whether you're in a hotel room
8:39
because you're on a business trip, you need to use this, and that's just how it is
8:44
And probably some people say, What? How does that work? But most people say
8:48
Oh, it's pretty easy. And hooking it all up and configuring something like Twitter
8:52
to use one of these FIDO2 or FIDO U2F keys is actually pretty darn easy
8:58
I have a link to a tutorial on my Ask Dave Taylor site
9:03
in the description for this video that shows you step-by-step exactly how I enabled this
9:08
for my FilmBuzz account. It's actually pretty darn easy. But USB 3.0
9:14
NFC, which is how it works with smartphones, that's a near-field communication
9:19
So obviously, there are no phones that come with a big USB connection
9:23
That would be ugly, actually. You don't want that. Like I said, it is water-resistant
9:28
and tamper-proof, and it's ridiculously affordable. But before we get there, I'm going to ask if you can subscribe to my channel
9:35
There's a little button on the side. Click or tap on it. Subscribe, and we can stay in touch. Awesome
9:41
Now, this is the GoTrust iDemKey, and it is $22 on Amazon
9:47
22 bucks for something that's going to significantly improve your security when you're logging into online systems
9:55
from either your computer or other people's computers. That is, in my book
10:00
a no-brainer for better security. So, that's all I got. I'm going to actually have to catch up with you
10:06
in my next video. ♪♪♪��
#Computer Security
#Hacking & Cracking