Google is doubling down on authentication with a strong commitment to FIDO’s Universal Second Factor (U2F) protocol and Yubico’s Security Key as part of an expanding emphasis on security.
The cloud computing giant joined Yubico on a live Webinar to continue a conversation entitled “Google for Work, FIDO U2F, and YubiKeys.” A recording of the webinar is now available for playback online.
Julien Blanchez, marketing lead for Google for Work, outlined where the Security Key fits into Google’s security strategy. He cited three security trends — increased risk, more complex security, and new work environments — as proof that the cloud is the right response for Google to address all three.
“We are not facing teenagers in basements anymore, we are facing armies targeting large organizations and individuals,” he said.
He cited Google’s innovation, size, and agility as top weapons in its arsenal. “Google can see things in a comprehensive way,” he said. Blanchez tagged authentication as the most important security issue today, saying three-quarters of 2014’s hacks were linked to the theft of login credentials.
Yubico and Google co-invented the U2F protocol. Yubico invented the Yubikey, including the Security Key, and has focused on U2F support. These U2F-based keys can now protect all Google services with two-step verification. Currently Google has a special offer for a 50% discount on Security Keys for Google for Work customers in the US, Canada, and EU. (It should be noted that FIDO U2F Security Key, YubiKey NEO, and YubiKey Edge all support U2F but only Security Key is part of the offer.)
In addition, Google is actively adding Security Key management controls to its cloud services, including Google for Work, Google Apps Unlimited and Google for Education. “In the coming months we will become stronger and stronger advocates for these Security Keys,” Blanchez said.
Yubico continued the discussion with an in-depth look at the YubiKey, its place on the authentication landscape, its range of authentication options, support for U2F, and how its unique one-touch user interface is solving one of cryptography’s major complexity issues.
A live demo shows how to register a YubiKey in the Chrome browser with three brief steps. The benefits are phishing protection, privacy, affordability and the ability to use one key to authenticate to many services.
A glimpse is given of the differences and complementary relationship of the YubiKey and smartphones-as-authenticators. The wrap-up features answers to a range of audience questions from browser-based U2F support to lost YubiKeys.
Yubico’s Kevin Casey, senior solutions engineer, and Sue Heim, information development, host the webinar.