Yubico Authenticator App

What model of iPhone and iOS were you using for this to work on a mobile device? I understand there are some restrictions...

So if the master password is not set on the key to open the Yubico Authenticator app then ANYONE with the key can wave the NFC key or insert the 5Ci key to the device & LITERALLY SEE all the websites that I have an account on!! Seems privacy breach. Please reply

Really useful. Thanks!

Nice! Do you need to enter the Yubikey password each time you open the IOS app?

That is way better than authy app

Thanks! Great explanation. How can I make a backup of the Yubikey? If I lose the key without backup I need to start over again with a new Yubikey or not?

Hi Robert, If I have the Yubico Authenticator app on both my Windows 10 PC and my Android phone, will it sync the credentials from one app to the other? In other words, I add my google account info to the Windows 10 app, will this info sync to, be available in my Android app? Thanks Steve

I think using Google is a bad example. I can see in this demo that you’ve already setup the key directly as a second factor. Google accounts along with many other services like Dropbox support this. This is a better and an easier solution using the FIDO standard that doesn’t require TOTP codes. Also, I believe each Yubikey can only store 32 TOTPs, but they can be used unlimited with FIDO compatible sites. You should only use TOTP with sites that don’t support FIDO.

how do you back it up with another key?

Hi there, I am currently using authy for my 2fa alongside with 1password and I was thinking of having the Yubico authenticator to store my 2fa code for my 1password and leaving the 1password alone to have the 2fa codes within it. Do you think it is a bad idea? Further to this how many codes can the Yubico authenticator store? Kind regards.

Great Tutorial... It really helped me out. Some additional information on the Google/Yubico Authenticator App. You should ALWAYS take a picture of the QR Code or Code (i.e.: the Code or Backup Code are usually Numbers) and print it up, laminate the paper & store it off-line in a safe place (i.e.: if your computer or phone is damaged or lost, you can access your email accounts with the QR Code from another device).

What if someone else knows my backup secret key for 2FA authentication, would they be able to access my codes romotely even when I'm using a yubikey to generate codes?

Does anyone know if it is possible to add more than 1 key to the Yubico Authenticator app? Thanks in advance!

I've been looking for an hour for such a clear explanation of how the pin can be setup and how it works, thanks for this video.

Thanks Robert! I wonder why Yubico does not provide such detailed explanation. Good thing you made that video. I'm now a subscriber of your channel :-)

Yubico owes u...

Hello Robert, great video.
When you used your phone to OTP to your google, did you have to add that account again on the phone ? Or is it stored on key?

If i want to access my account from various devices/platforms (phone/tablet/win/linux) ... do i need to add the account (via QR code) on each of then or is it enough to do it once?
Thanks.

Great video. After you set yubikey on your iPhone, do you needed to Authenticator each time you are use email?

So basically the yubikey just acts as a somewhat secure device to store secrets instead of relying on a mobile device to store them? How hard would it be for an attacker to extract the secrets? Are they stored in a secure element? I assume the password encrypts the secrets? Is it possible to brute force the password or does a secure element somehow mitigate this?

Thank you for this video! I love my Yubikeys but I couldn't figure out what the purpose of this app was 🤔 I'll try to add a few accounts this weekend and see how it goes. Much appreciated ❤️👍

I understand the touch is required when USB plugged in. Does the NFC work without any touch of the gold button?? There are NFC skimming devices that work at range for credit card skimming.

Hi Robert, cool Video. I have downloaded the Software and it works. But i have 2 Hardware Tokens ! How do I get all the Accounts from my First Token to my Backup Token ? thanks

All the Yubikey tutorials use Google accounts. I wish someone would do one with a crypto exchange or something. And how can so many people be so trusting of Google, who lies, spies, censors, and socially engineers it’s “customers” aka “subjects”.

Couple of questions -
1) should we download both Yubikey authenticator apps for both the desktop & iPhone . (Would want to use phone when not at home so thinking would need authentication app also on iPhone.
2) Also how do we change the authenticator already using to Yubikey authenticator app In the application we are using?
Great video!

Thanks

I can just use the key correct, don't need app?

Excellent video and very useful: haven't found much that shows off the power of the Yubico Authenticator: cool!

Can you to put the security codes of an account in two Youbico Keys at same time?

Only accepts 32 codes?

Not recognised by microsoft unfortunately so youre stuck with microsoft authenticator

Great video but I am having a difficult time trying to use myYubikey NC NFC with my Pixel 7 Have some suggestions? thanks

This only serves to make the generation of the various TOTPs safe. If we wanted to use the key directly as 2FA we would have to set it separately for each account right? Let's say that this method allows you to have the same level of security without having to enter the key at each new access.