LinkedIn Secures Employees with MFA, Okta, YubiKey

Weak passwords and the employees that use them are the biggest threat to IT security, Raj Nagalingam, Senior Systems Engineer at LinkedIn, told the audience at last week’s Oktane15 conference.

LinkedIn and Okta MFA

To combat such threats at LinkedIn, Raj has turned to Okta’s multi-factor authentication plus the YubiKey as one way to protect resources and employees (often times from themselves).

Raj and Jerrod Chong, Vice President of Solutions at Yubico, walked the Oktane15 audience through the YubiKey’s benefits and strengths, and the strategy and tools LinkedIn used to deploy Okta’s cloud-based Adaptive Multi-Factor Authentication with a one-time password (OTP) generated by a YubiKey.

LinkedIn’s user login begins with entering a user name and password into Okta. If valid, Okta pops up a window asking the user to insert and touch the button on their YubiKey providing LinkedIn with MFA. The Okta platform checks to ensure the YubiKey itself is registered to the user before verifying the OTP. Upon successful OTP validation using the Okta validation service, the user is allowed to log in.

Raj stresses that YubiKey’s OTP is harder to phish and is resistant to malware since nothing can be written to the key. And, he added, users are instantly hooked on the ease-of-use.

“If you ask your mom to do this, she can,” he told the audience.

LinkedIn’s Move To U2F

LinkedIn’s current plan is focused on Yubico OTP, but in the near future, the company wants to move to authentication using the FIDO Alliance’s U2F protocol that is based on public key cryptography.

During the session, LinkedIn also reviewed how it used the security and policy framework developed by the Cloud Security Alliance (CSA) to decide how to enforce second-factor authentication for applications. The framework categorizes applications into three levels — Limited, Confidential, and Highly Confidential — each of which define required access controls for apps.

“We grade every app in our environment and our security team makes decisions based on data classification,” said Raj. “In today’s world, everyone works in cloud apps and they use passwords that are static and weak. I recommend enabling multi-factor authentication.”

And he thinks the YubiKey has the right stuff. “It’s fast and easy. Just insert and touch.” Discover more about YubiKey MFA and the companies and programs, like LinkedIn, we support from our Works with YubiKey page.

Talk to our teamTalk to our team

Share this article:


  • CEO Corner: Entering the second half of 2025 with momentumAs we continue to move further into the second half of 2025, I want to share a look back at our journey so far this year and as well as lay out Yubico’s strategic path ahead.  Resurgence in order growth and key segment wins While net sales declined for Q2, the end of the quarter […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Survey says: Your dog’s name isn’t a passwordWe all know we should be protecting our digital lives, but what are Americans actually doing? Yubico recently commissioned a survey, conducted by Talker Research, which asked 5,000 Americans in 10 major metro cities across the U.S. about their online security habits. Here’s a closer look at what they found (hint: they’re not as secure as they […]Read moreCompany Newssurvey
  • Passkeys are winning, but security leaders must raise the barPasswords are on their way out. In their place is a new form of login called passkeys that promises stronger security and less frustration. All passkeys offer the rare combination of improved usability and stronger security, especially when compared to passwords alone. But unless we act now, millions could be left more vulnerable than ever. […]Read moreDevice-bound passkeysHardware passkeypasskeyssynced passkeys
  • Your top YubiKey questions, answeredOver the 10+ years I’ve been at Yubico, I’ve had the pleasure of meeting customers, partners and many others talking about digital security. While every conversation is different, I am often asked many of the same questions about YubiKeys. One thing remains consistent: many people know they need better security, but they’re not sure what […]Read moreFAQYubiKey