 Have you heard about Ubiquis but are not sure what they are? Everyone's talking about them and how you need to factor authentication or to factor authentication in order to secure your accounts. In this video I'm going to show you what is a Ubiqui and how you can set it up without zero. Hello everyone, I'm Carla and in this video you'll learn what is a Ubiqui and how you can use it to add two factor authentications to your applications in out zero. A Ubiqui is a hardware device that makes two factor authentication a lot easier. All you need to do is plug it into your laptop and tap it and that's it. Ubiquis are also called security keys and are manufactured by a company called Ubico. There are other companies like Google also providing security keys but for this video I have the one from Ubico and that's the one that we will be using. ASMR, nice. But how does a Ubiqui actually work? Usually when you go on a service you are required to provide something that you know like your login credentials for example, email password. Two factor authentication adds a security layer on top of that by requiring you to provide also something you own. For example, a code from an authenticator app or a code sent by an SMS. In this case that's something you own will be the Ubiqui. Some of the advantages of using a Ubiqui over any other two factor authentication method like an authenticator app for example is that you login by just making a simple gesture. All you have to do is tap on the Ubiqui and that is it. Apart from that you can define as many Ubiquis as you want in your account. In fact it is actually recommended that you set up more than one in case you lose the main one. For the sake of this video I'm only going to be setting up one because I only have one right now but I highly recommend that you set up two if you can. Now if you're a developer you might have heard of something called WebAuthen. If not don't worry I can help you out with a brief explanation of it. WebAuthen enables browsers like Google Chrome or Firefox to create and use public key credentials to strongly authenticate your users on your web applications. We'll cover a bit on how WebAuthen and Ubiquis are related later on. But as for now let's go and set up our Ubiqui. Now how can you set up your Ubiqui? You can really do this on any of the mainstream services like Google, Facebook, Instagram and so on. If you're curious about where else you can do it, Ubiqui has an extensive list of all the applications that support working with Ubiquis. What we're going to be doing next is we're going to enable using security keys in your OutZero application so your users can authenticate using their Ubiquis. All you need to do to follow along this video is to create an OutZero account and you can find the link for that in the description below. So once you went and created your OutZero account this is what you'll see. This is the OutZero dashboard. You'll see here this is my tenant, the Ubiquis demo one and in order for us to enable the multi-factor authentication feature we're going to go to security, click on multi-factor auth and there are two things that we're going to have to enable here. We have the factors which is which kind of factor authentication we want to use. In our case it would be the WebAuthn with FIDO security keys and then we also have to set up the policies. Let's go ahead with the factors first. We're going to click in the WebAuthn with FIDO security keys and enable it in this table right here. You will see a message saying WebAuthn with FIDO security keys is now enabled and now we go back and we need to tell OutZero when do we want the user to be prompted with this additional step. You have three options, never use adaptive MFA and always for the sake of the video let's just you know require them to always prompt these to us. We are sure and then again we'll get a success message up here. So we're going to go ahead back to the dashboard and in order to test this we are going to do it with this awesome feature called the try your login box. Let's click try it out and let's go ahead and try both part of the process. So we're going to do the sign up and we're going to do the login. So the sign up will allow us to create a new credential and to register our Yubiki. So let's sign up with some test email. I've used many test emails and I have to create a very creative password and secure one. There you go. We click continue and up next we're going to be asked to register or to add our security key. In this case is our Yubiki where you can see it right here. The first step is to connect it to our laptop. So I'm going to go ahead and plug it in here. Once you plug it in make sure you see a light because otherwise it makes it not plugged in correctly speaking from experience. And then we have to follow the steps from the browser. So let's click in use security key. We're using a USB security key. And now I have to go ahead and do the authentication gesture which is just tapping my security key. As I tap it you'll see this will be removed. So I'm going to tap it now. That's it. And now we're getting prompted to give it a name. So please give it a meaningful name for you. In my case I'm going to name it you know my main most important key in the world. You know something meaningful for you. Alright and now we click in continue. And if everything went well this is the screen that we're going to see. Now what happens when we try to log in again? You must be familiar with the fact that most applications nowadays remember your devices for a certain number of days or hours. So if I click on try it out again and I want to log in it's going to ask me to verify my identity again because I set that up in the policy earlier. So I'm going to go and use the security key and this is how I log in done. That's it. No password nothing. This is one of my favorite things of using UV keys. And that's literally it. You have set up UV keys for your ulterior users. That's it. Remember I told you earlier that I was going to explain the relation between Web Authent and UV keys. Well in Web Authent there are three main components. The authenticator, the client and the reliant party. In this particular case the authenticator will actually be the UV key. In Web Authent when you create a new credential it makes the UV key create a new set of public key credentials. But if you want to learn more about this I highly recommend that you go ahead and watch Will's video called Web Authent for Developers so you can understand better how the UV key comes into play in the Web Authent process. So did you like this video? Do you think we should cover anything else? Let me know in the comments below. Goodbye and thank you so much for watching.