Excellent video thank you. The piece that I am a little fuzzy on is the Yubico authenticator piece. You answered all my questions especially about the recovery phone and email.
@youdoer14 күн бұрын
If you have a physical token does that mean emergency access no longer is possible?
@youdoer14 күн бұрын
Great
@Panicthescaredycat18 күн бұрын
If I set the 2FA with Bitwarden but also a yubikey, I'm technically good right? Cause for someone to get my 2FA in the first place need my yubikey to get into my vault to get my 2FA to Bitwarden, but then they wouldn't need it if they got my yubikey lol
@Panicthescaredycat18 күн бұрын
By that I meant I have the authenticator through Bitwarden for Bitwarden.. so to get access to my Bitwarden you need my yubikey in the first place
@Panicthescaredycat21 күн бұрын
Hmmm I thought the Families plan, it would make everyone i add into ''premium''
@Arcteek21 күн бұрын
Exactly what I was looking for!
@tristansteiner6727Ай бұрын
Thanks!
@wildmanofborneoАй бұрын
Hello Bitwarden won't recognize a login page that only asks for the username (once the username is entered, the NEXT page asks for the password). How to get Bitwarden to recognize this situation? It works ok if the page asks for both the username and password. This applies to Android.
@JasonRutherford-vu9hhАй бұрын
You are a superhero. I've researched countless articles and video tutorials, looking for a simple solution to this problem and yours is perfect. It doesn't rely on deep knowledge of coding, installing boto3, blah blah... I preferred to not list all buckets, which gave S3 Browser some errors, but adding the external bucket in S3 Browser gave me the direct access necessary without disclosing ALL of our S3 buckets to an external user. Thank you!
@rachnadeenstra47182 ай бұрын
Hi, nice video, I hope you can help me, I have a issue with getting may authenticator app into the valt. After I have made a new login with useing the QR code. I try to get the verificationcode into point.3 to get them locked. I copy the code different ways but non of them work? He says it is an invalid toke... Hope someone can help me. I don't understand why it doesn't work. Thanks in advance.
@krisclem82902 ай бұрын
Just make the password hint "password" or "my password".
@jimleon78942 ай бұрын
How do I change my master password
@OGSuperNaqash3 ай бұрын
Hey this is nice. Thanks for the informative video. I am planning to buy one and was wondering how many accounts can we add on a single key?
@chrisfetner3323 ай бұрын
This is the worst explanation ever. Find another profession.
@ashleymorris66363 ай бұрын
If this is a potential threat and copy and paste is a threat, then how to access accounts with out having to manually do it is there another way?
@jerryviaja4 ай бұрын
You are the best! Thanks for the video! Such a big chunk of info in just 14mins! Testing it right away even 4 years later. Super clear explanation! >>> Just to complement, the video, As some of the other comments said, this is not a FREE unlimited storage. All aws services has a fee (Only 5 GB are free) then we have to pay for it and it willl be deducted directly from our credit card used when creating our aws account. But the average amount to pay for 4TB stored there will be around 50 usd a year, maybe less if you use a <snow family> to upload the biggest chunk Could you tell me if that numbers are correct? Or based on your experience and the storage you are using in the cloud, how much do you pay?
@ChibiKeruchan4 ай бұрын
you didn't show us the read only and hide password. I hope you can make an update on this using troll/test accounts. and also show us if Attachment can be accessed by everyone in the collection. would that TOTP code being shows be dangerous? this may cause an account take over right?
@ricepaintingcompany4 ай бұрын
All I have to say is........... Thank you!!!
@GoaWay4Sanity4 ай бұрын
*if this is good, can Google themselves not get in to your Gmail?* 🧐
@Gengingen4 ай бұрын
If you lose password you loose your BW account, no ifs or buts. Recovery code is just when you loose access to your 2FA device. At least that’s as of now in Dec 2023.
@blaaxz5 ай бұрын
Isn't it a security problem that the other Person can see the TOTP Key?
@stevenalves75065 ай бұрын
What mean rewrite in this case? For example aws s3 sync will be a rewrite operations
@stevenalves75065 ай бұрын
Great video.
@kamcoach5 ай бұрын
Wow that was so helpful and well explained. Got my S3 Bucket mounted in minutes. Very happy and so much cheaper than OneDrive or Google etc.
@ovehansen71116 ай бұрын
Excellent video - unfortunately the service no longer works as described in your video, it seems like you no longer can use your own personal S3 buckets, I could only select an S3 bucket that CloudBerry managed. Theoretically a good product but I wanted to back up to S3 to buckets that I control myself, imagine the scenario where Cloudberry goes belly up, how do you get your data back? What it is now is not what I wanted.
@ItsTheNatShack6 ай бұрын
Is there a way to get unlimited storage on amazon kindle
@kevinsalandanan7 ай бұрын
Did i get what aws have right now, aws only offers a backup service for hypervisor setup. If i want to back up an actual physical server or a laptop to aws i need to have a third party tool? Correct me if im wrong please.
@mh77118 ай бұрын
So Do I have to login into bitwarden using Yubikey Authenticator every time I turn onmy Computer / every Day once? and the being logged in in my vault the whole Day? can I choose/change this? or that I dont need to login on my PC? that I only have to authenticate when a) I use a complete New device or b) I am logging in from a Different place/City? would be save enough I think....
@Our1stPlanet8 ай бұрын
First clarify what AWS is .... Why the hectic ? Er um er Dont repeat yourself
@Waiel8 ай бұрын
You never actually made the C2 video...
@allanjones90688 ай бұрын
Is this safe against cookie stealing (session hijacking)? If I logged in using an Yubikey, will the hacker be able to be logged in as me if they steal my cookie? I have been hacked using cookie stealing recently and I am trying to protect myself, but I can't find a way to protect me from this.
@edonramadani80178 ай бұрын
the best security today is the YubiKey... hackers need to have your youbikey to plug it in their pc or in their phone ,. there is no way that they can hack your accounts. without having the yubikey in their hands,
@SS-kg6ns8 ай бұрын
AUG 2023 update -- ORGANIZATION create is under 'VAULTS'
@HtPt9 ай бұрын
Nice content , question ? Why disable email recovery, I agree disable phone sms , but email 📧, if you fully control Gmail with the passkey, how can they access your email ? See my point ?. 🎉
@Zeric19 ай бұрын
My understanding is that if one has any 2FA method setup, as soon as they login to google on a phone, android tablet, or Chromebook, the far less secure "Google Prompts" will become the default authentication method. This pretty much nullifies the benefit of using Yubikey or TOTP authentication with google unless you never need to sign-in to google on a phone or android tablet or Chromebook, which is unlikely unless you are entirely in the apple ecosystem.
@fool4jc7779 ай бұрын
Hi Tristan. I'm using Cloud Mounter for my Macbook Pro. I'm trying to follow your steps, but I'm stuck. I've mounted CloudMounter, but when I put files into the S3 Drive, it take memory/space away from my actual hard drive on my desktop. What am I doing wrong? Please help!
@Criticalmaze10 ай бұрын
Im confused. If you buy the family plan wouldn’t that give you up to 6 premium accounts? That’s bs if thats not how it works
@dannypais925810 ай бұрын
Dropbox yes I would like to say a lot of things about it and you are going to tell me you can protect it real good no Dropbox has a thing that they do which is pretty nasty and bad day will delete your account if they feel like they wanted to delete your account there was a guide that got deleted All his files now I tell people from the day I started life and I started computers I always said get a secondary hard drive and back everything app until that hard drive in the file and save it and then try to save it on a USB steak which is got a high and you can go from there I just got caught in order a 128 TB USB stick about 4 of them and they were pretty cheap and now I save a whole bunch of things on there until that thing gets corrupted and then I saved it on another hard drive and go on my way I don't use these crappy things online because these online Hard drives are places where you can do storage is bunch of crack there a bunch of crack crackheads who run the system and they like to rob all your files or let people rob Files or anything else that you have put there for safe for safety or pictures of whatever I always said put a hard drive do a hard drive do you wish to mistake to SD card do whatever but do not ever use iCloud or Dropbox it is one of the worst nasty stings ever and also Google has their own storage thing and that's crap too I don't use any of those crap because as you know you can get hacked really easily and you can lose a lot of things yes I have lost a lot of things on corrupted USB sticks in this and that but I have it backed up on other things like phone hard drives Or other things that I can have storage saved on that is the best way to go please listen to me I have done extensive research and people can say a lot of things to back me up and make me Look Like a Fool but they are the Fool because this guy Bill smartly and saying he can make you a pro of saving yourself and protecting yourself that is bunch of bull and bunter crack I have had a lot of high-end people get hacked on Dropbox and got a lot of people hacked on Google Storage so I am telling you now do not use it do not ever dare to put yourself under it is the worst thing that has ever come out it is a crime what they did they built this so they can steal people's things and get people's information please do not use it please do not do it please listen to me I am telling you what is the right thing to do to a hard drive to USB stake to a rest card and go on with life
@kensier495510 ай бұрын
Someone recently stole my trusted device and almost reset my main account. Luckily they got distracted and got into my work account (an easy fix since we have admins). It made me realize how vulnerable my google really is. I have 700gb of files on google drive and Google Photos is the sole location for many of my photos. Kinda insane I thought a password and phone would be enough.
@DavidJJJ11 ай бұрын
You need unlimited money to get unlimited storage but you know, details…
@ParkerGraysonNZB11 ай бұрын
$10 a year not month
@Intensity2U Жыл бұрын
Do you have a tutorial for how to use the Bit Warden app on smart phones?
@penultimatename6677 Жыл бұрын
The way to secure gmail is not to use it. Google has access to your email. The government can gain access. Google will sell your data. Email is unsecure by nature. Using Proton mail is a step in the right direction.
@grantnicklin6421 Жыл бұрын
Great advice on the settings to use in the browser and browser add-on towards the end of your video. Thanks for your efforts with this.
@subnumeric Жыл бұрын
So sad to see you wave that FIDO2 token, yet follow it with "but my preference is... (the significantly less secure method)", please, please, if you get a hardware token, use the hardware token! Unlike TOTP, it cannot be cloned and it cannot be phished! If some of your devices do not support it, you can still have TOTP as a backup (just be very careful about where you use it!).
@wifienabled Жыл бұрын
7:41 he meant $10 a year, folks
@Tymczas Жыл бұрын
what a moron uses yubikey by using additional app which is meant to be substitute for yubikey? lol
@Psychiatry.321 Жыл бұрын
Security Key is MUST for the following: 1. Microsoft Account (Windows 11/10 sign in) 2. Gmail 3. Facebook 4. Instagram 5. Twitter 6.Tiktok 7. Reddit 8. Backup Services 9. Apple ID
@dxtv_ Жыл бұрын
"OH NO, I LOST MY YUBIKEY!"
@notpracticinglaw Жыл бұрын
Thank you,very much....,,.... had to send this on to me sis! And I've been with BW for 4 years, and it is only,,,, $10 per year for Premium, as you more than likely figured OUT! Mo than will worth it! Question, I have Old #4 Yubikey, can I use that until I get some funds for #5?
@LionRoars918 Жыл бұрын
Thank you .. but nice clickbait title. Even a Yubikey is not at all fool proof. I expect to see a ton of videos from the security people backtracking on their claims. There are dozens of fake ass KZread videos just like your making these claims. Someone just has to steal your cookies .. and sorry Yubikey, but you failed.
@Zeric19 ай бұрын
Stealing cookies is a deficiency of the browser and how websites are designed. It is a big issue, but not a failure of Yubikey or other hardware based keys. This has to do with the history of web browsers, and how they are used now to handle keeping you logged into web sites. Cookies are a concept that needs to be replaced. Cookies have been fundamentally intertwined in browser and website code for decades so replacement isn't easy.
Пікірлер
Excellent video thank you. The piece that I am a little fuzzy on is the Yubico authenticator piece. You answered all my questions especially about the recovery phone and email.
If you have a physical token does that mean emergency access no longer is possible?
Great
If I set the 2FA with Bitwarden but also a yubikey, I'm technically good right? Cause for someone to get my 2FA in the first place need my yubikey to get into my vault to get my 2FA to Bitwarden, but then they wouldn't need it if they got my yubikey lol
By that I meant I have the authenticator through Bitwarden for Bitwarden.. so to get access to my Bitwarden you need my yubikey in the first place
Hmmm I thought the Families plan, it would make everyone i add into ''premium''
Exactly what I was looking for!
Thanks!
Hello Bitwarden won't recognize a login page that only asks for the username (once the username is entered, the NEXT page asks for the password). How to get Bitwarden to recognize this situation? It works ok if the page asks for both the username and password. This applies to Android.
You are a superhero. I've researched countless articles and video tutorials, looking for a simple solution to this problem and yours is perfect. It doesn't rely on deep knowledge of coding, installing boto3, blah blah... I preferred to not list all buckets, which gave S3 Browser some errors, but adding the external bucket in S3 Browser gave me the direct access necessary without disclosing ALL of our S3 buckets to an external user. Thank you!
Hi, nice video, I hope you can help me, I have a issue with getting may authenticator app into the valt. After I have made a new login with useing the QR code. I try to get the verificationcode into point.3 to get them locked. I copy the code different ways but non of them work? He says it is an invalid toke... Hope someone can help me. I don't understand why it doesn't work. Thanks in advance.
Just make the password hint "password" or "my password".
How do I change my master password
Hey this is nice. Thanks for the informative video. I am planning to buy one and was wondering how many accounts can we add on a single key?
This is the worst explanation ever. Find another profession.
If this is a potential threat and copy and paste is a threat, then how to access accounts with out having to manually do it is there another way?
You are the best! Thanks for the video! Such a big chunk of info in just 14mins! Testing it right away even 4 years later. Super clear explanation! >>> Just to complement, the video, As some of the other comments said, this is not a FREE unlimited storage. All aws services has a fee (Only 5 GB are free) then we have to pay for it and it willl be deducted directly from our credit card used when creating our aws account. But the average amount to pay for 4TB stored there will be around 50 usd a year, maybe less if you use a <snow family> to upload the biggest chunk Could you tell me if that numbers are correct? Or based on your experience and the storage you are using in the cloud, how much do you pay?
you didn't show us the read only and hide password. I hope you can make an update on this using troll/test accounts. and also show us if Attachment can be accessed by everyone in the collection. would that TOTP code being shows be dangerous? this may cause an account take over right?
All I have to say is........... Thank you!!!
*if this is good, can Google themselves not get in to your Gmail?* 🧐
If you lose password you loose your BW account, no ifs or buts. Recovery code is just when you loose access to your 2FA device. At least that’s as of now in Dec 2023.
Isn't it a security problem that the other Person can see the TOTP Key?
What mean rewrite in this case? For example aws s3 sync will be a rewrite operations
Great video.
Wow that was so helpful and well explained. Got my S3 Bucket mounted in minutes. Very happy and so much cheaper than OneDrive or Google etc.
Excellent video - unfortunately the service no longer works as described in your video, it seems like you no longer can use your own personal S3 buckets, I could only select an S3 bucket that CloudBerry managed. Theoretically a good product but I wanted to back up to S3 to buckets that I control myself, imagine the scenario where Cloudberry goes belly up, how do you get your data back? What it is now is not what I wanted.
Is there a way to get unlimited storage on amazon kindle
Did i get what aws have right now, aws only offers a backup service for hypervisor setup. If i want to back up an actual physical server or a laptop to aws i need to have a third party tool? Correct me if im wrong please.
So Do I have to login into bitwarden using Yubikey Authenticator every time I turn onmy Computer / every Day once? and the being logged in in my vault the whole Day? can I choose/change this? or that I dont need to login on my PC? that I only have to authenticate when a) I use a complete New device or b) I am logging in from a Different place/City? would be save enough I think....
First clarify what AWS is .... Why the hectic ? Er um er Dont repeat yourself
You never actually made the C2 video...
Is this safe against cookie stealing (session hijacking)? If I logged in using an Yubikey, will the hacker be able to be logged in as me if they steal my cookie? I have been hacked using cookie stealing recently and I am trying to protect myself, but I can't find a way to protect me from this.
the best security today is the YubiKey... hackers need to have your youbikey to plug it in their pc or in their phone ,. there is no way that they can hack your accounts. without having the yubikey in their hands,
AUG 2023 update -- ORGANIZATION create is under 'VAULTS'
Nice content , question ? Why disable email recovery, I agree disable phone sms , but email 📧, if you fully control Gmail with the passkey, how can they access your email ? See my point ?. 🎉
My understanding is that if one has any 2FA method setup, as soon as they login to google on a phone, android tablet, or Chromebook, the far less secure "Google Prompts" will become the default authentication method. This pretty much nullifies the benefit of using Yubikey or TOTP authentication with google unless you never need to sign-in to google on a phone or android tablet or Chromebook, which is unlikely unless you are entirely in the apple ecosystem.
Hi Tristan. I'm using Cloud Mounter for my Macbook Pro. I'm trying to follow your steps, but I'm stuck. I've mounted CloudMounter, but when I put files into the S3 Drive, it take memory/space away from my actual hard drive on my desktop. What am I doing wrong? Please help!
Im confused. If you buy the family plan wouldn’t that give you up to 6 premium accounts? That’s bs if thats not how it works
Dropbox yes I would like to say a lot of things about it and you are going to tell me you can protect it real good no Dropbox has a thing that they do which is pretty nasty and bad day will delete your account if they feel like they wanted to delete your account there was a guide that got deleted All his files now I tell people from the day I started life and I started computers I always said get a secondary hard drive and back everything app until that hard drive in the file and save it and then try to save it on a USB steak which is got a high and you can go from there I just got caught in order a 128 TB USB stick about 4 of them and they were pretty cheap and now I save a whole bunch of things on there until that thing gets corrupted and then I saved it on another hard drive and go on my way I don't use these crappy things online because these online Hard drives are places where you can do storage is bunch of crack there a bunch of crack crackheads who run the system and they like to rob all your files or let people rob Files or anything else that you have put there for safe for safety or pictures of whatever I always said put a hard drive do a hard drive do you wish to mistake to SD card do whatever but do not ever use iCloud or Dropbox it is one of the worst nasty stings ever and also Google has their own storage thing and that's crap too I don't use any of those crap because as you know you can get hacked really easily and you can lose a lot of things yes I have lost a lot of things on corrupted USB sticks in this and that but I have it backed up on other things like phone hard drives Or other things that I can have storage saved on that is the best way to go please listen to me I have done extensive research and people can say a lot of things to back me up and make me Look Like a Fool but they are the Fool because this guy Bill smartly and saying he can make you a pro of saving yourself and protecting yourself that is bunch of bull and bunter crack I have had a lot of high-end people get hacked on Dropbox and got a lot of people hacked on Google Storage so I am telling you now do not use it do not ever dare to put yourself under it is the worst thing that has ever come out it is a crime what they did they built this so they can steal people's things and get people's information please do not use it please do not do it please listen to me I am telling you what is the right thing to do to a hard drive to USB stake to a rest card and go on with life
Someone recently stole my trusted device and almost reset my main account. Luckily they got distracted and got into my work account (an easy fix since we have admins). It made me realize how vulnerable my google really is. I have 700gb of files on google drive and Google Photos is the sole location for many of my photos. Kinda insane I thought a password and phone would be enough.
You need unlimited money to get unlimited storage but you know, details…
$10 a year not month
Do you have a tutorial for how to use the Bit Warden app on smart phones?
The way to secure gmail is not to use it. Google has access to your email. The government can gain access. Google will sell your data. Email is unsecure by nature. Using Proton mail is a step in the right direction.
Great advice on the settings to use in the browser and browser add-on towards the end of your video. Thanks for your efforts with this.
So sad to see you wave that FIDO2 token, yet follow it with "but my preference is... (the significantly less secure method)", please, please, if you get a hardware token, use the hardware token! Unlike TOTP, it cannot be cloned and it cannot be phished! If some of your devices do not support it, you can still have TOTP as a backup (just be very careful about where you use it!).
7:41 he meant $10 a year, folks
what a moron uses yubikey by using additional app which is meant to be substitute for yubikey? lol
Security Key is MUST for the following: 1. Microsoft Account (Windows 11/10 sign in) 2. Gmail 3. Facebook 4. Instagram 5. Twitter 6.Tiktok 7. Reddit 8. Backup Services 9. Apple ID
"OH NO, I LOST MY YUBIKEY!"
Thank you,very much....,,.... had to send this on to me sis! And I've been with BW for 4 years, and it is only,,,, $10 per year for Premium, as you more than likely figured OUT! Mo than will worth it! Question, I have Old #4 Yubikey, can I use that until I get some funds for #5?
Thank you .. but nice clickbait title. Even a Yubikey is not at all fool proof. I expect to see a ton of videos from the security people backtracking on their claims. There are dozens of fake ass KZread videos just like your making these claims. Someone just has to steal your cookies .. and sorry Yubikey, but you failed.
Stealing cookies is a deficiency of the browser and how websites are designed. It is a big issue, but not a failure of Yubikey or other hardware based keys. This has to do with the history of web browsers, and how they are used now to handle keeping you logged into web sites. Cookies are a concept that needs to be replaced. Cookies have been fundamentally intertwined in browser and website code for decades so replacement isn't easy.