2015 Was A Yubico Rocket Ride

Yubico Team

Yubico Team

2 minute read

Around this time last year, the FIDO Alliance had just released the final draft of the U2F specification, a moment that would greatly impact Yubico’s upcoming year.

Within four months, Google had upped its commitment to U2F, adding support for Yubico’s Security Key in Google for Work. In August, DropBox added support for its user base, and two months later, GitHub joined in with support for U2F strong authentication to protect its users. In just 10 months, the YubiKey was an authentication option for platforms and apps used by tens of millions of people.

U2F, however, was just validation of YubiKey’s pedigree as a modern hardware authentication device.

Next up was a grand introduction of the YubiKey as a security device, including OpenPGP encryption with support for 4096-bit RSA crypto keys, a PKCS#11 library to support PIV functionality, and a relationship with Docker that produced a code signing milestone they dubbed touch-to-sign.

With two strokes, Yubico had revealed its Swiss Army Knife versatility and the value of multiple functions available on a single YubiKey. These milestones injected the YubiKey into the heart of a modern security debate among consumers, enterprises, and governments.

And there was more! Yubico talked online identity protection during a personal meeting with President Obama, explained the ins and outs of cryptography in a multi-part blog series, earned FIDO Certification, forged relationships with the federation players, helped add Bluetooth and NFC transports to U2F that opened mobile devices to the FIDO standard, linked up with LinkedIn, and talked SSH, ECC, and OIDC.

We also had our lighter moments. We met a Princess, had a cameo in a Hollywood movie, detailed the YubiKey’s duties during our work days, and crowned three YubiKings.

We learned to live on less sleep than Buddy the Elf, and that our customers have savvy and knowledge we are glad they openly share with us and others.

Above all, we were humbled by the ruckus the YubiKey caused.

Now, moving into 2016, we are running fast with a new 4th -generation YubiKey, Mozilla’s commitment to add FIDO U2F support to the Firefox browser, and the World Wide Web Consortium’s work to standardize Web APIs and data formats for use with FIDO 2.0.

And, of course, we look forward to the innovations, milestones and surprises we know will illuminate 2016.

Happy New Year!

Talk to our teamTalk to our team

Share this article:
  • Breaking down Australia’s plan to combat AI-driven phishing scamsAcross Australia, cybercrime continues to be a major challenge impacting businesses, critical infrastructure and consumers alike. The use of AI by bad actors across the spectrum of cybercrime is on the rise, and as a result, credential phishing scams are becoming increasingly sophisticated. AI is effectively helping to lower the cost of phishing and increase […]Read moreAIAPACAustraliaphishing
  • 5 fast cybersecurity tips to clean up your digital lifeWith today being Identity Management Day, now is the perfect time to take stock of your online presence, update security settings, and ensure that your personal data remains protected from cyber threats like phishing. We’re also seeing increasing concerns of DeepSeek and other AI tools around data privacy making these kinds of attacks more successful […]Read morebest practices
  • Navigating the PCI DSS 4.0 transition and meeting compliance with phishing-resistant YubiKeysIn just a few days, on March 31, 2025, decision makers in industries that involve payment processing – including financial services, retail & hospitality and telecommunications – are tasked to finalize the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0. This deadline marks a critical juncture for all organizations handling payment card […]Read moreNISTPCI DSSPCI DSS 4.0
  • Building cyber resilience with Yubico and MicrosoftIn today’s digital landscape, cyber threats are evolving at an unprecedented pace: every second, a phishing attack takes place. In fact, over 80% of these attacks are the result of stolen login credentials and almost 70% of phishing attacks relied on AI last year alone. Recent data from Microsoft Entra also reveals a staggering increase […]Read moreMFA mandatesMicrosoft