WEBVTT

00:00:00.120 --> 00:00:05.200
passwords suck even if you have a password manager to help you keep track

00:00:03.439 --> 00:00:08.519
of the dozens of credentials you're probably using they come with quite a

00:00:06.879 --> 00:00:13.160
few problems other than simply being hard to remember secure passwords can

00:00:11.080 --> 00:00:17.279
still be hacked as they aren't always stored in a secure manner and even if

00:00:15.120 --> 00:00:22.039
they are passwords can and do get stolen by social engineering like when a

00:00:19.480 --> 00:00:26.480
scammer calls up your poor old grandma oh hello and security concerns aside the

00:00:24.480 --> 00:00:30.320
whole song and dance of having to create a password in the first place can

00:00:27.920 --> 00:00:34.680
actually lead users to just give up on using a service altogether especially if

00:00:32.520 --> 00:00:39.840
it doesn't have that sign in with Google or sign in with Apple button available

00:00:37.840 --> 00:00:43.440
as an option and obviously services you sign up for want your business and

00:00:41.480 --> 00:00:48.399
aren't exactly thrilled when a user walks away so it shouldn't be surprising

00:00:46.399 --> 00:00:52.840
that passkeys are starting to become more common these are credentials that

00:00:50.680 --> 00:00:56.800
allow you to access an online account without a password to use a passkey you

00:00:55.480 --> 00:01:01.280
still need to authenticate that it's actually you trying to use it but

00:00:58.920 --> 00:01:05.720
instead of a big long silly word you use a fingerprint sensor or facial

00:01:03.160 --> 00:01:10.080
recognition or a QR code or PIN which are useful if you're on a device like a

00:01:07.880 --> 00:01:14.720
desktop PC that might not have biometric recognition hardware of course you have

00:01:12.200 --> 00:01:18.439
to remember a PIN which does negate one of the advantages of passkeys but

00:01:16.200 --> 00:01:22.759
biometrics are already extremely common on phones and laptops and can be cheaply

00:01:20.520 --> 00:01:27.400
added to a desktop but regardless of the authentication method passkeys are

00:01:25.079 --> 00:01:30.439
stored in a different way than traditional passwords which is one of

00:01:28.920 --> 00:01:34.439
their main selling points in terms of security we'll tell you exactly how that

00:01:32.280 --> 00:01:38.000
works right after we thank Secretlab with their Black Friday Cyber Monday

00:01:35.799 --> 00:01:41.399
sale coming to an end Secretlab said why not just keep the savings going

00:01:39.640 --> 00:01:45.759
that's how they sound their holiday sale is live now and you can save up to 150

00:01:43.520 --> 00:01:50.479
bucks on chairs like their illustrious Titan Evo with its dynamic lumbar

00:01:47.759 --> 00:01:55.759
support and four-way adjustable armrests or save up to $100 off their desks like

00:01:53.040 --> 00:01:59.399
the premium and versatile Magnus Pro check out the sale at the link below

00:01:56.880 --> 00:02:03.799
and save big this holiday season instead of hanging out on a server somewhere

00:02:01.240 --> 00:02:07.439
passkeys live right on your device but if that's the case how does the server

00:02:05.719 --> 00:02:11.840
know that you're giving it the correct credential when you try to connect the

00:02:09.440 --> 00:02:15.400
answer is public key cryptography essentially the same basic

00:02:14.000 --> 00:02:19.440
idea that underpins most of the encryption you find on the web we have

00:02:17.840 --> 00:02:23.560
another video with more details on cryptography but the gist of it is this

00:02:22.160 --> 00:02:27.920
the website or application you're connecting to stores a special string of

00:02:25.519 --> 00:02:32.160
characters called a public key and the key that stays on your device is a

00:02:29.920 --> 00:02:36.879
private key the public key is useless on its own but when the key pair is

00:02:34.720 --> 00:02:40.920
verified as correct you're granted access baby bingo the cryptographic

00:02:39.239 --> 00:02:43.840
algorithm that generates the keys is nearly impossible to reverse so if

00:02:42.680 --> 00:02:48.080
someone breaks into the server and steals the public key it's very unlikely

00:02:46.400 --> 00:02:53.879
that they'd somehow be able to figure out your private key unless they have a

00:02:50.400 --> 00:02:55.720
quantum computer or something passkeys

00:02:53.879 --> 00:02:59.800
also don't need to use multi-factor authentication involving those numerical

00:02:57.920 --> 00:03:03.319
codes that you have to copy and paste unlike a password-based system a bad

00:03:01.560 --> 00:03:07.319
actor would physically need access to your device to get into your account if

00:03:05.120 --> 00:03:11.720
you're using a passkey this means that the second factor for a passkey is

00:03:09.440 --> 00:03:16.560
effectively your fingerprint your face or your PIN which you're already using

00:03:13.519 --> 00:03:18.440
to sign in anyway of course this doesn't

00:03:16.560 --> 00:03:22.760
mean that passkeys are absolutely secure for example someone could set up

00:03:20.159 --> 00:03:25.640
a weak PIN misplace their phone and suddenly it's quite easy for a bad actor

00:03:24.360 --> 00:03:30.360
to get into a huge number of their accounts but the point isn't absolute

00:03:28.319 --> 00:03:34.439
security as that isn't truly achievable instead the goal is to make

00:03:32.439 --> 00:03:37.959
your accounts easier to access and more secure than they are with traditional

00:03:36.159 --> 00:03:42.760
passwords both at the same time and seeing as how way too many of us are

00:03:40.200 --> 00:03:46.920
still using passwords like Cy the companies that are pushing passkeys

00:03:44.879 --> 00:03:49.400
might just be on to something so thanks for watching guys if you like this video

00:03:48.200 --> 00:03:56.879
maybe watch that other video on cryptography or switch it up how about

00:03:51.920 --> 00:03:56.879
why are planes white it's a great one
