July 2025

So Many 2FA Keys...

*sponsored by Yubico​

3 Questions to Ask about 2FA Keys

If you've ever shopped for 2FA keys before, you know that it can feel confusing. Do you need to worry about the firmware? Do you need fingerprint security? How many should you buy? I'll share more thoughts later in this email, but here's a quick short I did this week:

​How to Choose the RIGHT 2FA Key →​

Go Deeper: another legitimate concern I hear from people is this - can I trust this security key company with my accounts? That's a great question, and one that is worth diving into.

Can I Trust Yubico? They didn't sponsor this trip...I went because I wanted to see for myself how Yubico is run. ​I Visited Yubico HQ →​

Apple 2FA Tutorial If you haven't yet set up a 2FA key for your Apple account, here's how to do that. ​iPhone 2FA Setup Guide →​

My Advice for Choose a Security Key

Hi [CORRECTED_NAME GOES HERE], there are a few things that I think are a "no brainer" part of security for any and everybody, no matter what your risk tolerance, life stage or economic status:

• ​Get a credit freeze (free)
• Use a good password manager (free + paid)
• Use a 2FA security key ($20-$50)

Guides for the first two are linked above, but today I want to talk a bit about the 2FA security key. Yes, you could do SMS text or an authenticator app, but I believe there is so much value in having your own key.

So which key should you choose?

These are the three questions I like to ask to help people make this choice:

• What kind of connector do you need? For most people now, a USB-C device will cover most devices, but if you still use USB-A or even the lightning connector, it's worth taking that into consideration. Thankfully, most YubiKeys are also equipped with NFC so you don't even need to plug it into the device, you can just tap it.
• How would you like to store the key? I keep one key on my keychain, but there are smaller ones that can be stored at all times in the USB-C port of your laptop (I have one of those as well).
• Do you want to use passkeys or passcodes? Older security keys didn't have enough storage to hold passkeys and passcodes, so if you purchased before 2022, your key likely can't hold passkeys. You're going to want the option in the future to use passkeys, so make sure you purchase a key that can store them (for YubiKey, you're looking for firmware 5.7 or higher).

Part of my setup for 2FA keys is that both my wife and I each have two keys: one primary and one backup key. My keys are programmed to work with all of her major accounts and her keys are programmed to work with mine.

As we transition to owning our own security, it's important that we have this backup system in place and that our loved ones have the appropriate access in case something happens to us.

Sponsored by:

YubiKey ($5 off!) If you want to get that extra key for your spouse, for your parents, or just for yourself, this exclusive $5 off link is the perfect excuse to do so. Get the budget Security Key series or go for the Series 5. Get $5 off a YubiKey

This Week in Privacy News

​23 and Me Sale Controversy Ended?​

A bankruptcy judge has approved the sale of the insolvent genetics firm 23andMe to a nonprofit run by one of the company's co-founders. The deal effectively avoids the controversial transfer of DNA data to a third party.

--> npr.org/2025/06/30/nx-s1-5451398/23andme-sale-approved-dna-data

​​
​​Look Who's Calling...US Official Marco Rubio?​

An unknown fraudster has used artificial intelligence to impersonate the US secretary of state, Marco Rubio, contacting at least five senior officials according to the state department.

--> theguardian.com/us-news/2025/jul/08/marco-rubio-ai-impostor
​

​India Blocks Reuters + 2,355 other X accounts​

India’s government ordered X to block over 2,000 accounts, including two belonging to Reuters News, citing concerns over press censorship. This action raises questions about government overreach and its impact on privacy and freedom of information.

--> cnbc.com/2025/07/08/elon-musk-x-india-censorship-reuters.html

Do YOU use 2FA keys?

Hopefully if you've been following me for a while, you've already set up your own 2FA keys for your accounts, but...

But what about the rest of your family?

It's worth taking the time to make sure you have the appropriate backups as well as everything set up for your spouse and parents as well.

✌️

Josh

​​​

3824 Cedar Springs Rd #801-8170, Dallas, TX 75219
​Unsubscribe · Preferences​