Tag: developers

Exploring clientDataJSON in WebAuthn

Calling all developers! Today, we’re kicking off our first-ever post in our new technical blog series specifically designed for our developer community. Each month, we will be selecting a new technical topic to cover in more depth. To start our series, we dive into the clientDataJSON object as part of the Web Authentication or WebAuthn

Diablo Valley College students implement WebAuthn in 24 hours

What do you get when you mix six hundred developers, twenty-four hours, twelve challenges and a mass of cash and prizes? The nation’s largest challenge-driven hackathon, hosted by DeveloperWeek in San Francisco. Hackathon participants get just twenty-four hours to create a working proof of concept to solve some of the world’s most pressing problems. Yubico

4 security tips: for developers, by developers

As National Cybersecurity Awareness Month comes to an end, our focus turns to what the developer community can do to stay cyber smart all year long. We’ve already talked about access management, and shared tips on how to protect your personal accounts. Today, we offer tips from the Yubico Developer Team to developers looking to

flexible modern authentication

Flexible Modern Authentication with the Multi-Protocol YubiKey

Most organizations work with multiple services and applications, and thus different authentication protocols, to meet all their security needs. Oftentimes, the protocol is predetermined by the application or service provider. However, in other cases, a business or systems integrator has some flexibility on which integration approach or third party to use. When it comes to

YubiKey 4 in computer

YubiKey 4(096): You Asked, We Delivered

In a previous blog post I talked about RSA key length and argued why a 2048-bit key is still a viable choice today. However, here at Yubico we do not like to remain idle, twiddling our thumbs. We are constantly improving our products. As a result of these efforts, earlier this month, we launched the

docker and yubico presentation from dockercon conference

With a Touch, Yubico, Docker Revolutionize Code Signing

Today we released the YubiKey 4. Our next generation product that includes a new function called touch-to-sign, a unique and simple method for code signing that we have brought to life together with Docker, an open platform for distributed applications. At DockerCon Europe 2015 in Barcelona, Docker and Yubico together unveiled the world’s first touch-to-sign code

application login screen

YubiKey Static Password Offers Up Options

One of the original functions on the YubiKey is a static password for use in the password field of any application. Such an option seems to challenge common misgivings about reusing passwords. And we would agree. But if you look a little deeper, the static password, which has attracted more users than we thought it might,

YubiKey nano and YubiKey 4 side by side

A Crash Course in Cryptography

To better understand asymmetric cryptography, you need knowledge of some basic concepts. For those that are not familiar with public-key cryptography, I will provide here a brief, stripped-down introduction to the topic. In asymmetric or public-key encryption there are two main players: the encryption algorithm itself (RSA, ECC, ElGamal, …) and a cryptographic key pair (there

keyboard

Expanding YubiKey Keyboard Support

Hi. We’ve had a few queries about using the YubiKey with various keyboard layouts, so we thought we’ll spend some time describing the different methods available to do that. Like a USB keyboard, YubiKeys work via inputting scan codes as opposed to actual characters. This means that when you type, the keyboard only sends the

browserid logo

BrowserID and YubiKey

To to learn how you use the YubiKey with BrowserID, a new open identity initiative, please check out this video from a BrowserID developer: https://vimeo.com/64514090 BrowserID was introduced in mid 2011 by the Mozilla Project. It addresses the same problem as OpenID and SAML, as well as the common OAuth or OpenID-based login-with-an external-account (such