Blog
Stay up to date on company and partner news, product tips, and industry trends.
-
Cloud ID Summit Sharpens Focus on Future of IAM Standards One common theme across the talks at last week’s Cloud Identity Summit (CIS) revealed a desire to simplify and unify existing identity and access management (IAM) technologies and standards to build a pragmatic approach to modern identity. For years, authentication, authorization, single sign-on (SSO), federation, governance, risk, compliance, standards, etc., etc. have all been pointing […] Read more -
Hello, SSO. It’s me, authentication There’s a secret that single sign-on (SSO) never talks about. It’s called authentication. The SSO conversation starts without mentioning the assumption that the user is already logged in. A login that requires a password. Instead, SSO is quickly positioned to triumph over the dangers of weak and reused passwords. Many times, however, those same suspect passwords […] Read more -
Ode to the value of Backup YubiKey(s) A few weeks ago, I was in my hotel and reached into my pocket to get my YubiKey. Without it, I can’t log into certain email, CMS or other systems without going through an involved IT administrative process. The key was gone. That is an instantaneous bad feeling, wiped away only by the backup YubiKey […] Read more -
YubiKeys Earn FIDO Certified Label Interoperability is king and today the FIDO Alliance announced its FIDO Certified program and a list of 31 products that have passed conformance and interoperability testing. The three YubiKeys that support FIDO’s Universal 2nd Factor (U2F) protocol – NEO, Edge and Security Key – are now certified and part of this important maturation in FIDO’s design. […] Read more -
U2F, Google, Yubico Lead Authentication Makeover The authentication landscape has been altered and evidence of that can be seen among a trio of front runners: FIDO U2F, Google and Yubico. This week, Yubico laid out the details during a live webinar entitled “FIDO U2F, Google Drive for Work and YubiKey,” that is now available for playback online. The in-depth discussion starts […] Read more -
YubiKey NEO OpenPGP Security Bug Yubico recently learned of a security issue with the OpenPGP Card applet project that is used in the YubiKey NEO. If you are not using OpenPGP, or have the OpenPGP applet version 1.0.10 or later, this vulnerability does not apply to you. The OpenPGP Card applet defect was inherited from the open-source software project “javacardopenpgp.” The […] Read more -
Google Tools Boost Value of YubiKeys, FIDO U2F Deploying enterprise software or services that lack a management console is comparable to jumping out of a plane without a parachute. It’s just not done without damaging consequences. Today, Google delivered a parachute to all high-flying enterprises seeking managed two-factor authentication for their Google Drive for Work deployments. The company updated the Drive for Work Admin […] Read more -
An Edge over the Bad Guys The one thing end-users don’t seem to have over hackers these days is an edge. Yubico is changing that. Today, we introduce a new key we’ve dubbed the YubiKey Edge. The goal is a cost-effective key with a collection of second-factor authentication options that guard against attacks on your accounts either via malware, phishing and other […] Read more -
YubiKey, YubiHSM: Secret Weapons to Guard Secrets U.S. intelligence officials in 2013 said they planned to significantly reduce the number of individuals within their network with system administrator privileges. Those privileges gave administrators rights to view and move around any document. “U.S. intelligence has invited so many people into the secret realm,” an official told NBC News, that it left the organization overly exposed to threats […] Read more