After a two-year evaluation of one-time passwords (OTPs), TLS certificates, smart cards and other authentication methods, Google confirmed that FIDO U2F Security Keys were best suited to deliver on the company’s security and usability needs. Shortly thereafter, Google expanded its deployment of the YubiKey to all staff and contractors for secure computer and server login, reaching more than 50,000 employees.
Google’s two year study to measure the business impact of hardware-based authentication highlighted several important benefits:
- Heightened security: Internal accounts protected solely with a YubiKey and FIDO U2F have experienced a significant increase in the level of security.
- Accelerated employee productivity: Employees saw a significant reduction — by nearly 50 percent — of the time to authenticate using a YubiKey compared with using a one-time password (OTP) via SMS. Logins were nearly four times faster when comparing the YubiKey to Google Authenticator. The time saving is primarily due to the one-touch YubiKey authentication that executes in milliseconds.
- Reduced support: Compared to using a phone for authentication, YubiKeys were found to be easy to use, robust in design, waterproof and did not easily break. The YubiKey also allowed for issuing multiple backups to each employee, including one YubiKey nano designed to sit inside the user’s laptop and one YubiKey designed for a keychain. Google found support calls dropped, with 92% reduction in support incidents, saving thousands of hours per year in support costs. Furthermore, authentication failures are estimated at zero.
- Lowered cost of ownership: The combined security, usability, and workflow efficiencies of the YubiKey, allowed Google to give each employee multiple YubiKeys and still realize overall cost reductions.