FIDO authenticators and YubiKeys are making the internet safer

In 2007, Yubico set out to protect as many people as possible by making secure login easy and available for everyone. We are happy Apple has joined Yubico, Google, and Microsoft on this journey by implementing W3C WebAuthn/FIDO compatible platform authenticators and are pleased to say that now all major platforms have adopted the standards Yubico worked more than 10 years to create and proliferate!

In 2013, when our solution was proven at scale inside Google, and before we contributed our joint work to the FIDO Alliance, we presented our standards vision blog and Future of Authentication FAQ. As the ecosystem evolved, Yubico has been focused on enabling portability, security, and privacy across all devices and systems.

Portable root of trust – The YubiKey can be used across systems for all devices, including shared workstations and mobile restricted environments. FIDO protocols allow for multiple authenticators to be registered to accounts, allowing YubiKeys to be the primary authenticator or an affordable back-up FIDO authentication key, when a computing device is lost or broken. YubiKeys are extremely durable and do not need to be charged to operate. 

Minimizing the attack surface – While it is far better security to store cryptographic secrets on a more secure area of a phone than in a software app, the risk is further limited when keeping your credential separate and outside a complex, multipurpose device. The Intel SGX vulnerabilities highlight the cybersecurity risks of multipurpose components constantly connected to the internet. For all authenticators, being built-in or external, a trusted supply chain matters. Most certifications focus on interoperability, few review cryptographic code, and none can ensure total system architecture, implementation, and supply chain security.

Decentralization and ecosystem independence – The major tech vendors, including Google, Apple and Microsoft will want to link your credentials to their platforms and systems. Many users and consumer applications will accept these privacy trade-offs, but it can be a concern for others, including high-risk individuals, enterprises, and government services. 

More than 4 billion internet users need easy and strong login protection. The vast majority of all IT breaches are due to stolen login credentials, mainly from static passwords or other weak authentication methods. YubiKeys and FIDO-enabled phones and computers are here to stop account takeovers and advanced phishing attacks and make the internet safer for everyone. Big warm thanks to everyone on the Yubico team and the global open standards community who has helped make this shared vision happen! 

Talk to our teamTalk to our team

Share this article:


  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselUm sich auf die sich ständig weiterentwickelnden Cyber-Bedrohungen vorzubereiten, passen Regierungen weltweit die Authentifizierungsanforderungen für Online-Dienste an und aktualisieren sie, was direkte Auswirkungen auf viele Unternehmen und deren Mitarbeiter hat. Zwar gibt es derzeit keine universelle Regelung für eine robustere Multi-Faktor-Authentifizierung (MFA), doch wird deren Notwendigkeit in einer Reihe von Anforderungen hervorgehoben, darunter PSD2, DSGVO […]Read moreYubiKey
  • Yubico delivers PIN advancements with new YubiKey 5 – Enhanced PIN keysTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreCompany NewsProduct NewsYubiKeyYubiKey 5 – Enhanced PINYubiKey 5 SeriesYubiKey as a Service
  • An inside look at Yubico’s transition to passwordlessBefore “passkey” became a familiar term in our industry, Yubico had long delivered hardware-backed and phishing-resistant FIDO2 based authentication. Today, the adoption of passkey usage is accelerating. However, it’s taken quite a bit longer to integrate passwordless authentication into the everyday, enterprise-grade authentication flows that are required for today’s businesses.  As long as it’s been […]Read moreOktapasswordless
  • Mission matters – my reflections on winning the EY World Entrepreneur of the Year “This is the biggest mission any of the entrepreneurs have presented in this competition.”  I heard these words a few weeks ago from one of the judges for the EY World Entrepreneur of the Year award program – whom I had the honor to meet during the final step of the world’s largest entrepreneur competition.  […]Read moreawardsFounderStina Ehrensvard