• Contact Sales
  • Resellers
  • Support
Yubico Header Text LogoYubico Header Text Logo
Why Yubicoexpand_more
Why Yubico
  • Enterprises
  • SMBs
  • Individuals
  • Developers
  • Careers
  • Partner programs
  • Affiliate program
  • Contact Sales
  • Events
  • Press room
  • Yubico Blog
  • Yubico Executive Connect
  • About us
  • The team
  • Investors
  • Innovation history
  • Secure it Forward
Man holding YubiKey
Easy-to-use, secure authentication

With YubiKey there’s no tradeoff between great security and usability

Why YubiKey
  • FIDO
  • FIDO U2F security key
  • strong authentication
Google headquarters
Proven at scale at Google

Google defends against account takeovers and reduces IT costs

Google Case Study
  • FIDO
  • FIDO U2F security key
  • strong authentication
Hand holding YubiKey behind Apple iPhone
Protecting vulnerable organizations

Secure it Forward: One YubiKey donated for every 20 sold

Learn about Secure it Forward
  • FIDO
  • FIDO U2F security key
  • strong authentication
Productsexpand_more
All products
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • YubiEnterprise Subscription
  • YubiEnterprise Delivery
  • Yubico Authenticator
  • Computer login tools
  • Software Development Toolkits
  • YubiCloud
  • Using YubiKey is easy
  • Find the right YubiKey
  • Works with YubiKey
  • Compare YubiKeys
Woman holding YubiKey 5ci
One key for hundreds of apps and services

YubiKey works out-of-the-box and has no client software or battery

Yubico protects you
  • FIDO
  • FIDO U2F security key
  • strong authentication
See YubiKeys as a Service
YubiEnterprise Subscription delivers scale and savings

Gain a future-proofed solution and faster MFA rollouts

See YubiKeys as a Service
  • FIDO
  • FIDO U2F security key
  • strong authentication
Solutionsexpand_more
Solutions overview
  • Zero Trust
  • Executive Order OMB M-22-09
  • Phishing-resistant MFA
  • Passwordless
  • Compliance
  • Cyber Insurance
  • Critical infrastructure
  • Secure supply chain
  • Protect call centers
  • Hybrid & remote workers
  • Secure privileged users
  • Mobile restricted environments
  • Shared workstations
  • Microsoft ecosystem
  • Salesforce workspace
  • IAM solutions
  • AWS environment
  • HYPR experience
  • Okta identity solutions
Hand holding YubiKey behind Apple iPhone
The Bridge to Passwordless

Begin the journey to make your organization passwordless

Get the white paper
  • FIDO
  • FIDO U2F security key
  • strong authentication
Lock on a laptop
Accelerate your Zero Trust Strategy

7 best strong authentication practices to jumpstart your Zero Trust program

Get the white paper
  • FIDO
  • FIDO U2F security key
  • strong authentication
Government building
Federal cybersecurity requirements

See guidance for CIOs and leaders to prepare for the modern cyber threat era

Get the white paper
  • FIDO
  • FIDO U2F security key
  • strong authentication
Industriesexpand_more
Industries overview
  • High tech
  • Federal government
  • Federal systems integrators
  • State & local government
  • Education
  • Financial services
  • Elections & campaigns
  • Retail & hospitality
  • Telecommunications
  • Healthcare
  • Pharmaceuticals
  • Cryptocurrency
  • Energy & natural resources
  • Manufacturing
man working a manufacturing line
Manufacturing and supply chain security

Authentication best practices for manufacturing using highest-assurance security

Get the white paper
  • FIDO
  • FIDO U2F security key
  • strong authentication
Person looking at a computer with a government building showing
Phishing-resistant MFA: Fact vs. Fiction

Meet requirements for phishing-resistant MFA in OMB M-22-09 guidelines

Get the white paper
  • FIDO
  • FIDO U2F security key
  • strong authentication
Remote workers at a wind farm
Secure energy and natural resources from cyber threats

Best practices for phishing-resistant MFA to safeguard your critical infrastructure

Get the white paper
  • FIDO
  • FIDO U2F security key
  • strong authentication
Resourcesexpand_more
All resources
  • Yubico Blog
  • Cybersecurity glossary
  • Authentication standards
  • Resource library
  • Developer program
  • Product briefs
  • Solution briefs
  • Case studies
  • Get a pilot started
  • White papers and reports
  • Webinars
Laptop with a YubiKey inserted
BeyondTrust: secured with a subscription

A leader in Privileged Access Management simplifies YubiKey deployment

How they optimized ROI
  • FIDO
  • FIDO U2F security key
  • strong authentication
S&P Global Market Intelligence report: old habits die hard

Only 46% of respondents protect their applications with MFA. How about you?

Read the report
  • FIDO
  • FIDO U2F security key
  • strong authentication
Considering Passkeys for your Enterprise?

Learn how to avoid the common pitfalls of synced passkeys

Get the Ebook
  • FIDO
  • FIDO U2F security key
  • strong authentication
Supportexpand_more
Support home
  • Find the right YubiKey
  • Set up your YubiKey
  • Downloads
  • Product documentation
  • Support articles
  • Support Services
  • Professional Services
  • YubiEnterprise Subscription
  • Works with YubiKey Program
  • Buying and shipping information
  • Security advisories
  • Help center
YubiKeys in lots of form factors
How to set up your YubiKey

Follow our guided tutorials to start protecting your favorite services

Set up your YubiKey
  • FIDO
  • FIDO U2F security key
  • strong authentication
YubiKey on a keychain plugged into a laptop
Find the best YubiKey for your needs

Take the guided quiz and see which YubiKey best fits your or your businesses needs

Take the quiz
  • FIDO
  • FIDO U2F security key
  • strong authentication
Worker with a calculator and laptop with a spreadsheet
Accelerate your YubiKey deployment

Technical and operational guidance for your YubiKey implementation and rollout

Professional Services
  • FIDO
  • FIDO U2F security key
  • strong authentication
SubscribeStore
  • Home » Blog » FIDO Aims at Standardized Strong Authentication

    FIDO Aims at Standardized Strong Authentication

    John Fontana

    John Fontana

    December 17, 2014
    3 minute read
    Share on FacebookShare on XShare on LinkedInShare via Email

    In the early 1990s, a company called Softswitch found itself at a strategic crossroads in that it held the key to integrating disparate electronic messaging systems.

    So strategic, in fact, that Lotus Software paid $62 million to acquire the company and send a ripple of fear through its main email competitor Microsoft.

    In a story on the acquisition, the New York Times described Softswitch as the maker of “switches that allow corporate users of electronic mail to send and receive mail from other systems. So someone in an office in San Francisco could send a note to someone with a different sort of computer, word-processing software and E-mail message system in New York.”

    By today’s messaging norms, the need for such switches is laughable.

    Companies providing integration of email systems have disappeared, made obsolete by standards such as SMTP, POP3 and IMAP that scaled email to its current state as a global backbone of electronic communication.

    Standards are how the Internet scales to service a global community; numbering systems (IP), naming systems (DNS), protocols, and coding to highlight a few. Bodies such as the IETF and NIST are some of the most well-known standards organizations.

    These global-scale benefits provided by standardization are what the FIDO Alliance hopes to achieve with the release last week of its 1.0 strong authentication specifications. While not yet standards, the hope is to create an Internet layer of authentication that reduces the reliance on passwords and aligns with the traditional stack of identity and access management tools, themselves going through a standardization transformation.

    Standards will allow the largest collection of vendors, enterprises and consumers to adopt and integrate strong authentication into their computer systems, which are under attack at an unprecedented scale.

    For 2015, Gartner says “all roads to the digital future will lead through security.” But it won’t be a magic bullet or a monolithic defense that defines the norm. Security will be defined in the marriage of technologies. “Security-aware application design, dynamic and static application security testing, and runtime application self-protection combined with active context-aware and adaptive access controls are all needed in today’s dangerous digital world,” according to Gartner.

    And when security is assembled, it shouldn’t need specialized middleware to hold it all together like email of the 1990s. That task will be accomplished with standard APIs and standard protocols that add scale and subtract as much complexity as possible.

    One of FIDO’s stated goals since its inception two years ago has been to turn over to a standards body its work on both the Universal Authentication Framework (UAF) and Universal Second Factor (U2F) specifications. Standardization of FIDO specifications, either de facto or by traditional means, is where FIDO will mark its work as finished.

    Proof of initial success isn’t just in the 1.0 specifications, but in products and services available today from a number of FIDO members including Yubico with U2F support in FIDO U2F Security Key and NEO YubiKey. These keys are further simplified by not requiring drivers or client software, and providing a user identity independent of a third-party service.

    Last week was an important milestone for FIDO, the next steps should be important for consumers and enterprises, and the final steps should deliver the connecting tissue needed to support strong authentication as a key tenet of future Internet security.

    Today, we are one step closer to that reality.

    Share this article:

    Share on FacebookShare on XShare on LinkedInShare via Email

    Recommended Posts

    • Coming soon: ‘Bring Your Own Key’ capability in YubiHSM 2 will bring the most flexible and highest assurance solution for data security and portability for multi-cloud environments

      Creating a robust data encryption strategy in a multi-cloud environment can be challenging. Considerations like availability, fail-over, control, cost and compliance are crucial. For organizations that are encrypting data on-premises and considering moving data to the cloud, a typical approach is to use an on-premises Hardware Security Module (HSM) or a cloud-based HSM. However, acquiring […]

      Read more
      • BYOK
      • YubiHSM 2
    • Resolve to be cyber resilient: Moving on from legacy MFA in energy and natural resources

      Every November, Critical Infrastructure Security and Resilience (CISR) Month focuses on educating the vital role critical infrastructure plays in the nation’s well being. Led by Cybersecurity and Infrastructure Security Agency (CISA), the conversation centers around why it’s important to strengthen critical infrastructure security and resilience.  One of the critical infrastructures, energy and natural resources, is […]

      Read more
      • CISA
      • energy and natural resources
      • PIV
      • smart card
    • Transcending passwordless authentication with HYPR and Yubico

      In today’s ever-evolving cyberthreat landscape, organizations face increasing challenges in securing their sensitive data and systems from sophisticated attacks like AI-strengthened phishing campaigns or impersonation attacks backed by spates of leaked PII . Even in today’s environments where new, ever larger, breaches make news every week, we’re continuing to see enterprises and employees across the […]

      Read more
      • HYPR
      • partner
      • passwordless
      • survey
    • Phishing-resistant MFA helps businesses reduce risk and costs in the face of a rapidly changing cyber insurance landscape

      To address and insulate themselves from the growing trend of cyber security breaches, more businesses are turning to insurance agencies for cyber insurance policies. While these policies have been around in some form since the late 1990s, the fast growing threat landscape and comparative youth of these policies means that rates and limits have fluctuated […]

      Read more
      • case study
      • cyber insurance
      • partner
Yubico Text LogoYubico Text Logo
  • RSS
  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
  • YouTube
  • GitHub
  • Product finder quiz
  • Find set-up guides
  • Buy online
  • Contact sales
  • Get Yubico updates
  • Careers
  • Events
  • Press room
  • About us
  • Investors
  • Partner programs
  • Affiliate program
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • Yubico Authenticator
  • Zero Trust
  • Phishing-resistant MFA
  • Passwordless
  • Cyber insurance
  • More solutions
  • Industries overview
  • Yubico blog
  • Resource library
  • Cybersecurity glossary
  • Authentication standards
  • Developer program
  • Works with YubiKey
  • Help center
  • Downloads
  • Product documentation
  • Support Services
  • Professional Services
  • Contact support
Yubico © 2023 All Rights Reserved.
  • Sitemap
  • Cookies
  • Legal
  • Privacy
  • Patents
  • Terms of use
  • Trust