Tag: authentication


Bridge to Passwordless: Separating fact from fiction in your journey

“Passwordless” can feel like a loaded term, with the security industry filled with differing and contradictory positions on the topic. The purpose of this whitepaper is to take an objective approach to understand the challenges that passwords present, what “passwordless” means, and what enterprises can expect moving forward as passwordless authentication matures.


Federal government authentication lessons

Learn what the government did right and what challenges still lie ahead.


Authentication Best Practices to Protect Against Identity Phishing

Learn what strong authentication really is, why it’s key for enterprise-wide identity assurance.

YubiKey FIPS Series

FIPS 140-2 validated security keys Meets stringent compliance requirements for highly security-conscious organizations Superior authentication FIPS 140-2 validated (Overall Level 1 and Level 2, Physical Security Level 3) Meets the highest authenticator assurance level 3 (AAL3) of NIST SP800-63B guidance. Easy, fast, reliable Hardware authenticator, offering one-touch strong authentication. Does not require a battery or


4 things ‘Among Us’ can teach security professionals about authentication

You’re making good progress on this task. One more data upload and then you’re out of here. But right before you can complete the upload, a klaxon blares. There’s been an attack! Time to head to the meeting room for the usual finger-pointing and scapegoating before the team decides who to jettison from the ship.

What is authentication assurance?

What is authentication assurance level 3? The NIST is on version 3 of the Authentication Assurance levels, called Authentication Assurance Level 3 (AAL3). Authentication Assurance relies on examination of the cryptographic modules of an authenticator. Level 3 requirements (AAL3) means that the code is within a tamper-proof container so that keys used in the cryptography are destroyed

Yubico Authenticator

Yubico Authenticator adds a layer of security for online accounts Generate 2-step verification codes on a mobile or desktop device Experience stronger security for online accounts by adding a layer of security beyond passwords Secure all services currently compatible with other authenticator apps, including Google Authenticator Hardware-backed security Add your credential to the YubiKey with


What is OATH? Open Authentication (OATH) is an initiative addressing challenges making standard, open technology available to all. Learn more about OATH How to use OATH with the YubiKey? When using OATH with a YubiKey, the shared secrets are stored and processed in the YubiKey’s secure element. This has two advantages over storing secrets on

What is a Man-in-the-Middle (MiTM) Attack?

What is the goal of a Man-in-the-Middle attack? The goal of these attacks are to steal personal user information. Examples are usernames and passwords, credit card information, or account details. Attackers then use obtained information to access account information, change login credentials, or initiate unapproved fund transfers. How do I prevent Man-in-the-Middle attacks? Security keys

What is a YubiKey?

The authentication challenge Our mission is making secure login easy and available for everyone. Balancing security and usability has always been a challenge. And the more secure hardware authentication solutions are difficult to use and deploy. The YubiKey changes this. YubiKey is trusted by the world’s leading companies