1
00:00:00,000 --> 00:00:06,660
Thanks for watching Techquickie. Click the subscribe button, then enable notifications with the bell icon so you won't miss any future videos.

2
00:00:06,860 --> 00:00:13,800
Have you ever heard "Oh, well, sorry, my account got hacked" as an excuse for an incredibly inappropriate

3
00:00:14,020 --> 00:00:15,990
post on social media?

4
00:00:15,990 --> 00:00:21,270
Well, for me, it's kind of becoming the modern equivalent to "the dog ate my homework",

5
00:00:21,790 --> 00:00:26,070
especially because so many major web services offer two-factor authentication

6
00:00:26,070 --> 00:00:33,230
to keep intruders out of your account, a feature that asks for something else in addition to your password,

7
00:00:33,570 --> 00:00:37,730
typically one of those six-digit codes from an authenticator app on your phone.

8
00:00:38,130 --> 00:00:40,670
So you can learn all about how those work up here.

9
00:00:40,850 --> 00:00:46,530
But what if you're tired of punching in that string of numbers whenever you log in? Well,

10
00:00:46,530 --> 00:00:53,950
then you might be interested in a physical security key using the universal two-factor, or U2F, standard.

11
00:00:54,110 --> 00:00:55,990
You see, instead of a code that

12
00:00:55,990 --> 00:00:59,510
changes every 30 seconds, U2F relies on a small

13
00:01:00,050 --> 00:01:06,170
physical chip on a little gadget that looks a bit like a USB flash drive that you can keep on your keychain

14
00:01:06,730 --> 00:01:09,050
or in some kind of safe location.

15
00:01:09,510 --> 00:01:15,770
Typically, all you need to do to set one up is tell whichever service you're using that you have a U2F key, then

16
00:01:16,290 --> 00:01:20,390
insert it into a free USB port. Some of them even support NFC,

17
00:01:20,390 --> 00:01:26,290
so you can use them with your Android smartphone, and iOS users very recently got support for U2F

18
00:01:26,310 --> 00:01:31,370
devices over NFC with the YubiKey NEO if you're using an iPhone 7 or newer.

19
00:01:31,550 --> 00:01:36,310
So after you insert or tap your key, a number of things happen in the background.

20
00:01:36,450 --> 00:01:41,950
The key will randomly generate a public and private key pair, with the private key

21
00:01:42,090 --> 00:01:47,590
never leaving the physical U2F key, and the public key will get sent to a server.

22
00:01:47,910 --> 00:01:54,430
Your key will also send the random number that it picked to generate these keys originally, called a nonce, as well as a checksum that serves

25
00:01:56,310 --> 00:01:59,030
to identify that specific physical key.

26
00:01:59,530 --> 00:02:03,770
Then, when it's time to come back later and log in, you enter your username and password

27
00:02:04,150 --> 00:02:11,130
like you normally would, and the server will send you that same nonce and checksum back to your U2F key

28
00:02:11,270 --> 00:02:17,810
along with a different number. Your physical key will then use the nonce and checksum from the server to

29
00:02:18,310 --> 00:02:24,890
regenerate the private key, and since each physical U2F key uses a different secret for key generation,

30
00:02:24,890 --> 00:02:29,050
only the original key you used to register will work.

31
00:02:29,610 --> 00:02:36,310
Your U2F key then signs the number that was sent to it with the private key, and the result is sent to the server,

32
00:02:36,370 --> 00:02:42,550
which then unlocks it with your public key from your U2F key to allow you to access it.

33
00:02:42,550 --> 00:02:44,190
It sounds complicated,

34
00:02:44,190 --> 00:02:51,850
but all of this happens without any intervention from the user other than simply plugging in a USB stick, and the benefits are

35
00:02:52,510 --> 00:02:54,710
definitely worthwhile because it also

36
00:02:54,890 --> 00:02:56,890
protects against phishing attacks.

37
00:02:57,390 --> 00:03:02,530
Numeric authentication codes are definitely way better than having no two-factor protection at all,

38
00:03:02,710 --> 00:03:07,810
but they can still be stolen if you accidentally enter them on an imposter website.

39
00:03:08,510 --> 00:03:14,230
U2F helps to stop this by using the original domain of the site as part of the

40
00:03:14,610 --> 00:03:18,450
secret sauce it uses to generate the private key for that account.

41
00:03:18,770 --> 00:03:24,690
So if you use your physical key to log in to an attacker's website, the response it will

42
00:03:24,890 --> 00:03:29,250
send to that hostile server will be completely useless, and the bad guys

43
00:03:29,510 --> 00:03:32,430
won't be able to use it to get into your account. And

44
00:03:32,810 --> 00:03:39,210
the companies that make U2F keys have added their own additional security features on top of this base

45
00:03:39,530 --> 00:03:46,990
public key encryption strategy. The ever-popular YubiKey, for example, requires you to touch a sensor on the USB stick

46
00:03:47,570 --> 00:03:54,790
before it authenticates, ensuring that there's an actual human trying to gain access and not some kind of malware box.

47
00:03:55,410 --> 00:03:59,570
With all of that said, as great as this kind of physical security can be,

48
00:03:59,850 --> 00:04:05,530
you still need to make sure you don't do anything dumb like drop your keychain in a shady part of town, which

59
00:04:59,700 --> 00:05:04,870
So thanks for watching, guys. Dislike or like, check out other channels, leave a comment with video suggestions, and

60
00:05:06,130 --> 00:05:09,570
What was he gonna say?

61
00:05:09,570 --> 00:05:14,830
You guys, I know what I was gonna say, not you. I meant the viewer was supposed to guess "subscribe".

62
00:05:14,830 --> 00:05:16,830
You know what, forget it. I quit.
