How to secure your GMAIL account like a pro | YubiKey Tutorial
Ғылым және технология
Still using email and SMS verification codes to protect your gmail account? This security tutorial will make you think twice about those options by showing you how to lock down your Gmail account like a pro using a physical token like a YubiKey.
#YubiKey #Security #HackProofGmailAccount #TristanBolton
LINKS* -
Buy YubiKey 5 NFC (US Amazon): amzn.to/2QKBG6z (affiliate)
Buy YubiKey 5 NFC (Canadian Amazon): amzn.to/3buvQ0X (affiliate)
Yubico Products: www.yubico.com/products/yubik...
Yubico Authenticator: www.yubico.com/products/servi...
Other Videos:
How to secure your DROPBOX account like a pro: • How to secure your DRO...
How to secure your LASTPASS account like a pro: • How to secure your LAS...
How to secure your AWS account like a pro: • How to secure your AWS...
SUBSCRIBE for more videos in the series!
Leave a COMMENT below for what you'd like to see a tutorial on :)
----
Instagram - / tristan.bolton
Twitter - / tristanbolton
Facebook - / tristan-bolton-8700984...
Website - tristanbolton.com/
Thanks Guys! Have a great day! 😊
*Just a quick FYI - as an Amazon Associate I earn from qualifying purchases. Thanks!
Пікірлер: 336
I lost my KZread account and years of work and income through my Google account. Tremendous damage can be done to people. Crooks can't benefit from theft of my videos, but really crushed me. I will learn how to protect my new channel. Thanks for this video! Rich
@tristanbolton
3 жыл бұрын
That sucks about losing your KZread account - Glad you're finding more security tips like this to prevent that from happening again. Stay safe!
@johnbod
3 жыл бұрын
Hi Rich, I just wanted to say I'm really sorry to hear that happened. I hope you have been able to come back from it.
@richdavis4007
3 жыл бұрын
@@johnbod It was a blow, for sure. Years of hard work gone. 2200 videos, gone. Since I love to make videos I kept going and my new channel is doing pretty well. Thanks. Rich
@arunaslasiunas6699
3 жыл бұрын
@@richdavis4007 hi I am sorry for your Channel But can you Please help Me secure my Gmail account from hackers because my account is important
@richdavis4007
3 жыл бұрын
@@arunaslasiunas6699 I'm not an expert on this. Best wishes.
Thank you for this video. I watched about 10 just like this and what I liked about this one is how easy it was to follow and how clear you were in explaining.
@tristanbolton
3 жыл бұрын
Glad it was helpful!
Wow, great video, Tristan. Thanks so much. Clearest explanation for securing a gmail account I have ever heard.
Thank you Tristan! You've just helped me save a lot of time and this was easy to follow.
Thank you . You really make sense of these keys .
Wow great explanation to security issues in Google
He did a very good job imo. Explaining the basics step by step. English is not my first language and I have no experience in using DAWs
Good job Tristan . Thanks!
Thx .Nice easy beginners guide. helped plenty!
You train so well! It's like you comprehend my tempo...
very clear and detailed! thanks
Great video! Thanks
Truly liked the way you have explained how to secure one's account. This is very very useful. Thanks !!!!!
Thank you for great explanations.
YO THANK YOU SO MUCH
Thank you so much for so good information
Helped A Lot! Thanks!
Your'e awesome, thanks. really helpful.
@suntharamtharam849
2 жыл бұрын
p0ppp PP
@suntharamtharam849
2 жыл бұрын
PP Ppplppplpp Ppllpppppppppppppppp Ppllppppppppp
@suntharamtharam849
2 жыл бұрын
Ppplppppppp P P Pp Ppppl
not know , but just know you've affected my life, and apparently tens of thousands of others, in an imnsely positive way. Thank you
Man thanks so much! Just got myn
Thank you bro !!!
I love your tutorials
Thanks man for the info it is really useful👌
just beca a subscriber keep up the good work Sir.
Nice video, thanks!
Thanks for sharing
Thank you.
If someone tells you something can't be hacked, they're either trying to sell you something or they don't really understand hacking. There are lots of "unhackable" things that have been hacked.
@abdullahal-shimri3091
2 жыл бұрын
We’ll you can’t hack my grandma’s toaster.
@kenrock2
Жыл бұрын
Yes.. there is a thing called life hack..
@theodore-zk9gk
Жыл бұрын
Yes you are right about that one day and I am very sure that it's going to be better for the both of happiness to get as long as this world has to much of lifetime beautiful weather and the way it has been trying to see if that was something safety and an amazing opportunity too cherishing the fact of lifetime beauty and the nature of lifestyle that everyone has too having an amazing female friends who will love too different things for all the right reasons when they are asking for from their good friends and gentleman who is really and who has been trying to make her understanding of this situation in life now
@WakeUpAmerican000s
Жыл бұрын
Newest (2023) FIDO Passkey tech is now supported by Google for Google (Gmail) authentication Essentially makes your phone device operate like a Yubikey. More secure and more convenient than SMS based 2FA when set up on devices that are not shared with others.
Would you recommend backup on usb or better on paper?
Great video indeed, thanks!
Hands down, tNice tutorials is THE best beginner video I've watched. Others want to brag about all the sample, loops, etc they have. You keep
Thank you so much! TNice tutorials video helped produce fire soft thanks bro❤️
you deserve a medal. exactly what I was looking for. However, your statement that you will show the ultimate secure method where losing the key means losing the account isn't true because of the backup codes, right?
@tristanbolton
3 жыл бұрын
You're right, you want to stay secure but you don't want to risk loosing your data. So use a yubikey as a primary second-factor and the printed codes in a safe as a backup.
@arunaslasiunas6699
3 жыл бұрын
I Only using Backup codes And google prompt
@SolarWebsite
Жыл бұрын
@@tristanbolton I etched the backup codes in a steel plate with my laser cutter for ultimate disaster survivability.
@SorinOltean77
Жыл бұрын
@@arunaslasiunas6699 i don't think google prompt is safer than using regular OTP
Tristan, how does yubikey on my google account effect my youtube tv account? Will I need the yubikey to stream KZread tv?
wow. thank you for the amazing video
Thanks so much for tNice tutorials bro
Your a Genius man I got trolls trying to fish my crypto! =) Strange emails and all types of BS. Thanks.
Hey this is nice. Thanks for the informative video. I am planning to buy one and was wondering how many accounts can we add on a single key?
Nice video. With your suggested method if I want to connect from my friend’s computer to my gmail account I need to use the ubikey to unlock the authenticator on the phone, right? So the usbA is not an option to buy. Either nfc or lightning for iPhone users
Nice tutorial Micheal, great video to get us started. May you tell - how do I link two or more channels (in the rack channel) as to share the sa
excellent guide
Keep on doin what u doin
Hi what camera system are you using?
@Tristan is there a way to use those keys without have to install any app on the smartphone? just plug in or use NFC?
drums softing good start learning how to make your own lodies. Good luck bro!
@shangtsongz
11 ай бұрын
Huh?
I feel you
really helpfull
thanks alot
Great video, thanks for sharing! Is there a way to disable NFC of the Yubikey?
@curtisbme
3 жыл бұрын
No. If you are worried about it, you just have to get one of the ones that don't have it. It would have to be a very targeted attack for someone to have something that can read and replicate nfc, get close enough to the thing to get them, and then know all the other information they need to log in then use the key. If you are someone that have risk of that level of Mr. Robot hacker, you'd probably be using the non-nfc enterprise keys anyway.
Do you know if the backup codes are vulnerable to brute force attacks? Thank you.
Thx
Great video! Especially using Yubikey authenticator. Would it be safe to leave the key in the computer 24/7? Because constantly removing and inserting it may break something.
@SorinOltean77
Жыл бұрын
is safe as far as you use the non-NFC key. Like this there is need for a physical button push to actually send the pass/OTP to Google. And so far no malware can simulate that.
I like your teaching style. Thank you. Do you know if its possible to remove "google prompts" as a verification method after adding a security key to your account? It seems like that would be a weaker link in the chain if it cant be disabled.
@DS-wt7ul
3 жыл бұрын
After some research it appears that as of right now, the only way to remove google prompts is to sign out of Google on that device such as a phone. It'd be nice to be able to stay signed in on my phone while also not using it for prompts. However, that also raises the issue that the phone would still remain the weak link since your Google account could be accessed on the phone itself if someone was able to get past your lock screen.
You have mentioned about not given either the phone or the associated email to damage the virtue of the account, then, when google asked for the email requested, what's my option to op out? should I be brave enough to delete this email description? then how will I able to recover as asked? or the code in the yubikey will suffide?
the Security Key NFC does not support OTP, correct? so for what you showed we need the higher price one?
oh, you said, that every email has it's own code, and from the yubikey alone, but the passing code using in conjunction with the googe authenticator, will ea time generate a code for the to be copied and paste to be used in ea case, and the solo code, is not displayed. is it right?
12:07 what if you already have 2FA already setup? How would you get it onto the key?
Can be yubico authentication app work with most android apps like Facebook and Amazon? Or would I have to log in on a browser or my laptop?
Hi Tristan. Thanks for this video. I don't really understand how (or IF) a hacker could just view files on my desktop computer. I have a wireless network and use it with TiVo, but I HOPE my smart tv does not have access (I don't know how to tell for sure). My iPhone has nothing on it but my contacts - I don't use it for internet at all - just phone calls and text. I do zip/encrypt anything sensitive on my desktop data partition, such as financial info, identity info, password info, etc. (which carries to my backup/image files drives/partitions). Do I really need to do this? I noticed that you had checked to remember "this" computer, or not to require certain security things on "this" computer. If I only use the one desktop for everything online, can I consider that as long as "this" computer (that no one touches but me) is recognized, I don't have to be concerned about the files on my drives? Like if my password manager is unlocked, for instance - is there any way my passwords could be accessed by someone else?. How could someone have access to my files/folders on my desktop?
@tristanbolton
3 жыл бұрын
Thanks for the questions. There are a number of ways both physically and with virus' that someone could get access to your data, too many ways to list here. First protect yourself from physical access to the data, if your computer is stolen, by using an encryption-at-rest option. Encrypting your zip files is one way, you can secure all your files by encrypting your hard drive. On a mac this can be done under System Preferences -> Security & Privacy -> FileVault on a Windows you'd turn on Bitlocker. To protect against cyber attack's, make sure you have a good anti-virus / malware protection, and keep your most important data offline: Digital wallets on a USB drive, Two-Factor codes with YubiKey, and Passwords (better yet use Bitwarden: kzread.info/dash/bejne/hpesvNufhLLfido.html). Hope that helps
Please do a video setting up the Yubikey with FaceBook. I ran into some very unexpected issues, like being asked for a PIN?
Does that mean that all of my Authenticator Codes are stored on the key and all i have to do is to install the app to read them? So if i set up 2FA for any site i could store the Authenticator Code on 2 yubikeys and have one as a backup, is that correct? And does this work for microsoft authenticator to or just google authenticator?
help to get the basics and I'll jus move from there. Thank you!
i agree
Absolute W video. I had a lot of money softowing in in a good ti of my life where I would spend it on dumb stuff. But one of the few good
Can you use it to resetup s?
Just locked down all my accounts but all my Gmail did what you suggested, removed phone number recoveries and everything is printed and in the fireproof part of the safe!
What are the differences from the regural and the free trial one
if a Ubikey was built like a usb drive, I would use one. But the one I had a few years ago was just a piece of cheap plastic with the metal contacts exposed. It would not set correctly in the usb port and 60% of the time had a loose, intermittent connection, which caused failure errors
i am confused. At 12:10 are you setting up the authenticator on the PC or on the phone? Your languages suggests u r setting it up on PC -- but the graphic shows "SCAN the QR CODE" -- so how did you scan the qr code on the laptop? My question is will this authenticator require a phone? Or can it just be installed on a PC?
Thank you Tristan. Fantastic presentation on securing Gmail! Would you please address the inherent vulnerability of all authenticator apps. If someone gets a hold of your Authenticator OTP seed they can generate OTP codes for your account, even if the don't have your Yubikey security key. The is OTP seed is plain txt stored by your service provider Gmail.
@SorinOltean77
Жыл бұрын
Are you sure the OTP seed is stored in plain text by the provider? That would be a huge security breach potential. I think nowadays all providers of 2FA have to made sure that seeds are stored encrypted.
tNice tutorialngs
Bro, Please answer If i only use backup codes and Google prompt So My account will still be safe right?
Great but can i use yubico authentication app on my phone without using the physical cable
The default tempo for the soft is 120 and when i set the tempo to 100 and played it again, the midi plays again in 120 bpm in tempo. Can
Greeat!
Can I used the yubikey with Authy
with both security key and authenticator app (using Yubi Authenticator) setup, you can 2FA with any of those methods at any time, right? The other good thing about using Yubi Authenticator is you don't have to worry about migration when changing phones as the codes/info. are stored on the hardware itself?
@snehal6282
2 жыл бұрын
Am I right in thinking if we lose Ubikey we can not have an access to Ubikey authenticator? Did I miss anything,
@TabmansTube
2 жыл бұрын
@@snehal6282 yes you are right so to be safe print your barcode when setting up authenticator very first time as that can be reused as many times you want with different authenticators
Thanks - Do you have to do this for every Google email address you have?
@tristanbolton
4 жыл бұрын
Depends on how important the account is but generally most of them are secured this way
My phone doesn't have NFC and uses Micro B. Is there no option to use Yubikey with my phone?
What if my laptop is hacked and I plug in my YubiKey into the hacked laptop? Wouldn't this make the authenticator apps on phones the better choice? I asked a similar question about backing up files on Dropbox.
@tristanbolton
3 жыл бұрын
There are viruses all over attempting to gain access to authenticator apps on both computers and cell phones. By having a yubikey the hacker would have to get the code at the same time you've plugged in the key and login less than 60 seconds from when you've plugged in the key. If you're really concerned about the authenticator app getting hacked you could use a air-gapped device, often an old iPhone or Android device without a SIM card and off wifi, and use that to generate your codes. Hope that helps!
@markhansen6236
3 жыл бұрын
@@tristanbolton It would just be done automatically by the malware. I think that there's ransomware out there that automatically activates when a USB flash drive is plugged in. The same principle applies.
I'm not sure but an alternative second step like backup codes does not appear in my case. Maybe because I already added a second key or google remove this option.
how do i set this up on on firefox
The second you have backup codes, they key thing is worthless. Great, thanks
Anyone know what version of soft soft he's using? Like do I have to buy the $200 version for the stuff in the video or is the $100 dollar
Email & phone number recovery would only work w/ location that google has on record; is that right? Not saying this is bullet proof. But it makes it harder than if all that is needed is the text message. Am I wrong about this?
@tristanbolton
3 жыл бұрын
I haven't tested this recently, I've encountered the familiar location block before, but I've also gotten past it on other accounts (with the users permissions of course). Like you said, I wouldn't count on that being bullet proof, but it is a nice security feature by Google.
In the GMS switch the “Program” to Analog app 1 TE
clips. I use a drum loop and afterwards I want to record a appguitar. What happens.. the drumloop starts to record again along the
@shangtsongz
11 ай бұрын
What?
Can it works on Google tv? Or Maybe create a new account for non important access ?
With a Ledger hardware Wallet you get a 24 word backup code. Why can’t yubikey use the same method?
When I gonna use the yubikey, can i use it on multiple gmail accounts? Or is it for only one account?
@edonramadani8017
8 ай бұрын
have you found the answer? because i want to buy youbikey and to secure my 7 gmail accounts .and 2 outlook accoutns.
Can I import my softs into soft soft and process without using a mic
anyone. I appreciate it!!
Been working soft for a few years now... using it on Mac now and it crashes a lot Nice tutorialndering my progress on the tracks im working on ... I'm
Yep
How to u set the key on ur phone
Do I need to buy a separate key for my mobile and Laptop?
@tristanbolton
3 жыл бұрын
Just one key should be fine
I love it Sir can you help to edit
I just got the soft soft , man tNice tutorials tutorial is perfect
There are 10 backup codes, but you only need to use one code each time to access Gmail, correct? So once one of the codes is used, you cross it out, and the rest can still be used? Or, you have to use all 10 of them in a certain order? Thanks!
@iRahz.
2 жыл бұрын
Once a code is used, cross it out. Can't be used again.
true