Trust has to be a cornerstone in order to protect the online identities of 500 million people doing business across borders, Yubico’s CEO and Founder, Stina Ehrensvard, told an exclusive crowd of 500 EU digital policy makers and industry representatives last week at Digital Assembly 2015 in Riga, Latvia. She held up a single YubiKey […]
Read moreOne common theme across the talks at last week’s Cloud Identity Summit (CIS) revealed a desire to simplify and unify existing identity and access management (IAM) technologies and standards to build a pragmatic approach to modern identity. For years, authentication, authorization, single sign-on (SSO), federation, governance, risk, compliance, standards, etc., etc. have all been pointing […]
Read moreThere’s a secret that single sign-on (SSO) never talks about. It’s called authentication. The SSO conversation starts without mentioning the assumption that the user is already logged in. A login that requires a password. Instead, SSO is quickly positioned to triumph over the dangers of weak and reused passwords. Many times, however, those same suspect passwords […]
Read moreA few weeks ago, I was in my hotel and reached into my pocket to get my YubiKey. Without it, I can’t log into certain email, CMS or other systems without going through an involved IT administrative process. The key was gone. That is an instantaneous bad feeling, wiped away only by the backup YubiKey […]
Read moreInteroperability is king and today the FIDO Alliance announced its FIDO Certified program and a list of 31 products that have passed conformance and interoperability testing. The three YubiKeys that support FIDO’s Universal 2nd Factor (U2F) protocol – NEO, Edge and Security Key – are now certified and part of this important maturation in FIDO’s design. […]
Read moreThe authentication landscape has been altered and evidence of that can be seen among a trio of front runners: FIDO U2F, Google and Yubico. This week, Yubico laid out the details during a live webinar entitled “FIDO U2F, Google Drive for Work and YubiKey,” that is now available for playback online. The in-depth discussion starts […]
Read moreYubico recently learned of a security issue with the OpenPGP Card applet project that is used in the YubiKey NEO. If you are not using OpenPGP, or have the OpenPGP applet version 1.0.10 or later, this vulnerability does not apply to you. The OpenPGP Card applet defect was inherited from the open-source software project “javacardopenpgp.” The […]
Read moreDeploying enterprise software or services that lack a management console is comparable to jumping out of a plane without a parachute. It’s just not done without damaging consequences. Today, Google delivered a parachute to all high-flying enterprises seeking managed two-factor authentication for their Google Drive for Work deployments. The company updated the Drive for Work Admin […]
Read moreThe one thing end-users don’t seem to have over hackers these days is an edge. Yubico is changing that. Today, we introduce a new key we’ve dubbed the YubiKey Edge. The goal is a cost-effective key with a collection of second-factor authentication options that guard against attacks on your accounts either via malware, phishing and other […]
Read moreU.S. intelligence officials in 2013 said they planned to significantly reduce the number of individuals within their network with system administrator privileges. Those privileges gave administrators rights to view and move around any document. “U.S. intelligence has invited so many people into the secret realm,” an official told NBC News, that it left the organization overly exposed to threats […]
Read more