Gadgetory


All Cool Mind-blowing Gadgets You Love in One Place

Logging In With A USB Key (U2F Explained)

2018-05-29
Thanks for watching Techquickie. Click the subscribe button, then enable notifications with the bell icon so you won't miss any future videos.

Have you ever heard "Oh, well, sorry, my account got hacked" as an excuse for an incredibly inappropriate post on social media? Well, for me it's kind of becoming the modern equivalent to "the dog ate my homework," especially because so many major web services offer two-factor authentication to keep intruders out of your account, a feature that asks for something else in addition to your password, typically one of those six-digit codes from an authenticator app on your phone. So you can learn all about how those work up here.

But what if you're tired of punching in that string of numbers whenever you log in? Well, then you might be interested in a physical security key using the universal two-factor, or U2F, standard. You see, instead of a code that changes every 30 seconds, U2F relies on a small physical chip on a little gadget that looks a bit like a USB flash drive that you can keep on your keychain or in some kind of safe location. Typically, all you need to do to set one up is tell whichever service you're using that you have a U2F key, then insert it into a free USB port. Some of them even support NFC so you can use them with your Android smartphone, and iOS users very recently got support for U2F devices over NFC with the YubiKey NEO if you're using an iPhone 7 or newer.

So after you insert or tap your key, a number of things happen in the background. The key will randomly generate a public and private key pair, with the private key never leaving the physical U2F key, and the public key will get sent to a server. Your key will also send the random number that it picked to generate these keys originally, called the nonce, as well as a checksum that serves to identify that specific physical key.

Then, when it's time to come back later and log in, you enter your username and password like you normally would, and the server will send you that same nonce and checksum back to your U2F key along with a different number. Your physical key will then use the nonce and checksum from the server to regenerate the private key, and since each physical U2F key uses a different secret for key generation, only the original key you used to register will work. Your U2F key then signs the number that was sent to it with the private key, and the result is sent to the server, which then unlocks it with your public key from your U2F key to allow you to access it.

It sounds complicated, but all of this happens without any intervention from the user other than simply plugging in a USB stick, and the benefits are definitely worthwhile because it also protects against phishing attacks. Numeric authentication codes are definitely way better than having no two-factor protection at all, but they can still be stolen if you accidentally enter them on an imposter website. U2F helps to stop this by using the original domain of the site as part of the secret sauce it uses to generate the private key for that account. So if you use your physical key to log in to an attacker's website, the response it will send to that hostile server will be completely useless, and the bad guys won't be able to use it to get into your account.

And the companies that make U2F keys have added their own additional security features on top of this base public key encryption strategy. The ever-popular YubiKey, for example, requires you to touch a sensor on the USB stick before it authenticates, ensuring that there's an actual human trying to gain access and not some kind of malware bot. With all that said, as great as this kind of physical security can be, you still need to make sure you don't do anything dumb like drop your keychain in a shady part of town.

Racing against the clock as a freelancer? Well, it's challenging, but thanks to the growth of the internet there's never been more opportunities for the self-employed, and to meet this need FreshBooks created their cloud accounting software designed for the way you work. FreshBooks is the simplest and easiest way to be more productive, more organized and, perhaps most importantly, get paid faster. You can create and send professional-looking invoices in less than 30 seconds. You can set up online payments with just a couple of clicks and get paid up to four days faster. You can see when your client has seen your invoice and put an end to the guessing games. And they've got fully featured apps for both Android and iOS so you can take the FreshBooks experience with you on the go. They're offering a 30-day unrestricted free trial to our viewers, so to claim it go to freshbooks.com/techquickie and enter Techquickie in the "How did you hear about us" section. I'll have that linked below.

So thanks for watching, guys. Dislike or like, check out other channels, leave a comment with video suggestions, and... what was he gonna say? You guys, now I know what I was gonna say. Not you, I meant the viewers. Was supposed to get subscribed. You know what, forget it, I quit.
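The register and login steps described in the transcript can be modelled in a few lines. This is an added example, not code from the video or from any vendor: it shows how a token can rebuild the per-site private key from the nonce and checksum the server hands back, and why a look-alike origin or a different token gets nothing usable. Assumptions: the class and method names are hypothetical, HMAC-SHA256 stands in for the token's internal derivation, and the final step of signing the server's number with the derived key (ECDSA in real tokens) is left out.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32


class ToyU2FKey:
    """Simplified model of a U2F token; the device secret never leaves it."""

    def __init__(self):
        # Constructed per-device secret (burned in at manufacture on real hardware).
        self._device_secret = secrets.token_bytes(32)

    def _derive_private_key(self, origin: str, nonce: bytes) -> bytes:
        # Origin and nonce are both mixed in, keyed by the device secret.
        app_id = hashlib.sha256(origin.encode()).digest()
        return hmac.new(self._device_secret, app_id + nonce, hashlib.sha256).digest()

    def _checksum(self, origin: str, private_key: bytes) -> bytes:
        app_id = hashlib.sha256(origin.encode()).digest()
        return hmac.new(self._device_secret, app_id + private_key, hashlib.sha256).digest()

    def register(self, origin: str) -> bytes:
        """Return the key handle (nonce + checksum) that the server stores."""
        nonce = secrets.token_bytes(NONCE_LEN)
        private_key = self._derive_private_key(origin, nonce)
        return nonce + self._checksum(origin, private_key)

    def regenerate(self, origin: str, key_handle: bytes):
        """Rebuild the private key at login, or return None if the handle
        was not made by this token for this origin."""
        nonce, checksum = key_handle[:NONCE_LEN], key_handle[NONCE_LEN:]
        private_key = self._derive_private_key(origin, nonce)
        if not hmac.compare_digest(checksum, self._checksum(origin, private_key)):
            return None
        return private_key


def demo() -> dict:
    token, other_token = ToyU2FKey(), ToyU2FKey()
    handle = token.register("https://example.com")  # constructed origin
    return {
        "same_origin": token.regenerate("https://example.com", handle) is not None,
        "phishing_origin": token.regenerate("https://examp1e.com", handle) is None,
        "different_token": other_token.regenerate("https://example.com", handle) is None,
    }


if __name__ == "__main__":
    print(demo())
```

Because the token stores nothing per site, the same small chip can serve any number of accounts; the server keeps the key handle and returns it at each login.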