Back in the mid-2000’s, Yubico’s co-founders Stina and Jakob realized first hand how easy it could be for malicious cyberattacks to succeed. When they went to set up a new bank account in Sweden, Jakob couldn’t believe how simple it was to hack it. Within a matter of a day, Jakob demonstrated how a hacker could access Stina’s account through widely used methods of cyberattacks still used today. The Ehrensvards knew there needed to be a better alternative to account security for businesses and consumers, but also knew it would be critical for it to be user friendly and convenient to use. Thus, the first prototype of a new authentication method was born with these factors in mind: a physical security key called the YubiKey.
Fast forward 16 years later, and Yubico continues striving to make cybersecurity as easy as possible for our customers. In addition to our hardware security keys and Yubico authenticator app, we provide a full suite of services including YubiEnterprise Subscription, YubiEnterprise Delivery, and ongoing 24/7 support with Yubico’s expert consulting and support services. These services all have the purpose of increasing ease of use, ease of procurement and easy deployment.
Prior to the creation of hardware security keys, users had very few options for authentication and none of which were truly phishing-resistant. Methods included a time-based device that required batteries (which ran the risk of dying); a push app that required you to have your phone with you at all times and to have internet connectivity; and an SMS code that often required memorization and to have your phone connected, charged and in working order, have all proven susceptible to cyber criminals.
Strong Security – Made Easy
The YubiKey was designed specifically to be as easy-to-use (or more) as traditional authentication methods: simply insert the YubiKey to a device (or tap using NFC capability), touch the YubiKey to verify and you’re in.
No matter what device you use, the YubiKey provides a seamless experience:
- Are reliable and can be set up in minutes
- Don’t require batteries, WiFi or network connection – just secure, modern, phishing-resistant MFA.
- Eliminate the need to reach for your phone to open an app, or memorizing and typing in a code—simply touch the YubiKey to verify and you’re in
- Are trusted—You don’t need to use the YubiKey every time you log in. Once an app or service is verified, it can stay verified. It’s that easy
- Use NFC for mobile authentication
- Option to leave plugged into your laptop or USB hub
- Are a rugged and durable solution (even survives the washing machine!)
- A simplified strong authentication solution when onboarding new devices
- Strong protection for your credentials as they reside on something that isn’t tied to any system or server
- Ability to register multiple keys with most services, providing you with a primary and a backup key
A recent Yubico survey found that within the last two years, nearly 40% of people admit to having broken their mobile phone and nearly 30% have lost it (a device individuals and organizations commonly use to authenticate). In another study by EMA, surveyed businesses using YubiKeys reported they received the lowest frequency of support tickets, taking a massive burden off of support teams when compared to basic and legacy MFA methods.
With the YubiKey, that hassle of not being able to access your accounts is eliminated. Because the YubiKey becomes your portable root of trust, it provides secure access to your accounts on desktops, laptops, tablets and smartphones seamlessly, instead of having to rely on a phone for authentication.
“We want to make sure that things are easy and as seamless as possible for our end user. That’s why YubiKeys are becoming such a big part of our organization.”Art Chernobrov, Director of Identity, Access, and Endpoints, Hyatt Hotels Corporation.
As best practice for easy account recovery, it’s recommended to have two YubiKeys: one to serve as your primary key and one to serve as a backup. Many services give you the ability to register both keys at the same time. Services like Google, Facebook and Twitter have provided support for YubiKeys for years, and most recently, as part of iOS 16.3, Apple announced the general availability of security key support for Apple ID accounts.
Strong Security Adoption
16 years later, Stina and Jakob are leading the charge of security key adoption behind the core principle that strong security doesn’t have to be complicated. Trusted, easy-to-use authentication should be the norm.
To get started with easy-to-use, phishing-resistant security, see what key is right for you by taking our quiz. YubiKeys come in multiple form-factors and are designed to be used by both consumers and enterprises, so there’s a key for everyone.
Yubico makes strong security easy with our updated and enhanced YubiEnterprise Subscription program which is designed with cost savings, flexibility and seamless distribution in mind. Suited for organizations with 500 users or more, enterprises can now choose from two subscription enterprise plans for YubiKeys – check out more info here.
If you’d like to get a bit more in-depth about the keys, you can sign up for our upcoming webinars, or check out our on-demand library here.