Facebook Deploys YubiKey and Duo Security

David Maples

David Maples

2 minute read

Yubico and Duo Security are happy to jointly announce today that Facebook has successfully deployed technologies from both companies to provide two-factor authentication across its enterprise.

In order to securely authenticate software engineers to production networks and servers, Facebook needed a solution that provided quick and easy authentication, a fast rollout to employees, and the flexibility for multiple authentication options. After careful consideration, the company deployed solutions from both Duo Security and Yubico. When coupled together, the respective technologies successfully addressed Facebook’s authentication priorities — placing equal emphasis on usability and security.

This complementary combination of two-factor technologies include multiple authentication methods — push, SMS, mobile, voice — of cloud-based authentication from Duo Security and the YubiKey Nano.  Together, these technologies allow Facebook employees and developers to quickly authenticate using the YubiKey Nano, while offering the flexibility and ease of use from Duo Security.   With Duo, users are given a choice of device and method each time they authenticate.  Additionally, Duo supports all phone types, from smart phones to landlines, and lets users authenticate with a variety of authentication factors including the YubiKey.

The YubiKey Nano is the world’s smallest OTP token, and is designed to stay inside the USB-slot once inserted.  To authenticate, users simply press the device and a pass code is instantly and automatically entered, there is no need to physically re-type pass codes.

For additional background on the deployment, recently, a team from Facebook gave a presentation to the Center for Education and Research in Information Assurance and Security (CERIAS) Seminar at Purdue University, explaining how the company utilizes Duo Security and YubiKeys to provide two-factor authentication for the company’s engineers. The presentation provided thoughtful insight into the security culture of Facebook and how that led them through the evaluation and implementation decisions of their two-factor authentication deployment. That presentation can be found here – duo.sc/facebook-purdue

More about Duo Security

More about the YubiKey Nano

, ,
Talk to our teamTalk to our team

Share this article:
  • Platform independent digital identity for all Many are understandably concerned that the great invention called the Internet, initially created by researchers for sharing information, has become a major threat to democracy, security and trust. The majority of these challenges are caused by stolen, misused or fake identities. To mitigate these risks, some claim that we have to choose between security, usability […]Read moreDigital IdentityEUDIFounderStina Ehrensvard
  • Q&A with Yubico’s CEO: Our move to the main Nasdaq market in StockholmAs 2024 draws to a close, it’s the perfect time to reflect on the incredible journey we’ve had this year and how it has shaped where we stand today as a company. To mark this moment, I sat down with our CEO, Mattias Danielsson, to look back on the milestones and achievements of 2024—culminating in […]Read moreCEOMattias Danielsson
  • Exploring DORA: A look at the next major EU mandateFinancial institutions have historically managed operational risk using capital allocation, but under EU Regulation 2022/2554 – also known as the Digital Operational Resilience Act (DORA) – the financial sector and associated entities in the European Economic Area (EEA) must also soon follow new rules. These new rules focus on the protection, detection, containment, and the […]Read moreDORAEU
  • Securing critical infrastructure from modern cyber threats with phishing-resistant authenticationAcross the globe, 2024 has seen a whirlwind of change. With ongoing wars, recent political change-ups and more, growth in data breaches targeting critical infrastructure continue to be on the rise. Critical infrastructure is integral to our everyday life – from the energy and natural resources powering our hospitals and providing clean drinking water, telco […]Read moreCISAcritical infrastructurezero trust