Tag: FIDO U2F security key

Thumbnail

Feb 25, 2016

Google publishes two-year study on use of FIDO U2F Security Keys

Key words often associated with two-factor authentication focus on simplicity, privacy, and security. Those words, however, are broad terms that need definition in order for consumers and enterprises to form opinions and make educated buying choices. FIDO Universal Second Factor (U2F) is no different, so Google recently published a research paper titled “Security Keys: Practical

Thumbnail

Feb 3, 2016

OTP vs. U2F: Strong To Stronger

At Yubico, we are often asked why we are so dedicated to bringing the FIDO U2F open authentication standard  to life when our YubiKeys already support the OATH OTP standard. Our quick answer is that we will always provide multiple authentication options to address multiple use cases. Regarding U2F and OTP, we think both have

Thumbnail

Oct 14, 2015

U2F Webinar: From Concept To Implementation

Note: This webinar was recorded on Oct. 27, 2015. The video recording is embedded at the end of this blog. Ever wonder what’s under the Universal 2nd Factor (U2F) covers? How to build U2F into your own service or project? Or what’s the extended value of your YubiKey? Now that U2F is catching fire as

Thumbnail

Oct 1, 2015

GitHub, Yubico Introduce Millions To U2F

Today GitHub introduced U2F support enabling its users to access and protect the integrity of their software code with easy-to-use strong public key cryptography. GitHub’s volume of sensitive data demands proactive efforts to constantly improve security and access controls. Strong authentication, like that provided by U2F, helps protect against modern hacker techniques used in the current breach-filled

Thumbnail

Aug 12, 2015

Dropbox Adds Support For FIDO U2F, YubiKeys

Today, cloud storage giant Dropbox announced to its more than 400 million users that it now supports FIDO U2F, including YubiKey security keys, for strong two-factor authentication. On the company’s blog, Dropbox said users now can protect their files with U2F-powered devices in addition to the current feature of a one-time code sent to a mobile

Thumbnail

An Edge over the Bad Guys

The one thing end-users don’t seem to have over hackers these days is an edge. Yubico is changing that. Today, we introduce a new key we’ve dubbed the YubiKey Edge. The goal is a cost-effective key with a collection of second-factor authentication options that guard against attacks on your accounts either via malware, phishing and other

Thumbnail

Apr 8, 2015

YubiKey, YubiHSM: Secret Weapons to Guard Secrets

U.S. intelligence officials in 2013 said they planned to significantly reduce the number of individuals within their network with system administrator privileges. Those privileges gave administrators rights to view and move around any document. “U.S. intelligence has invited so many people into the secret realm,” an official told NBC News, that it left the organization overly exposed to threats

Thumbnail

My Work Day Reflects YubiKey’s Flexibility

I work as a developer at Yubico. Like a lot of developers these days I’m empowered to not only develop software, but to publish it and configure the servers it runs on. This means that I have access to many systems, to which I authenticate using different keys, requiring the flexibility of a YubiKey. The

Thumbnail

Feb 24, 2015

A Crash Course in Cryptography

To better understand asymmetric cryptography, you need knowledge of some basic concepts. For those that are not familiar with public-key cryptography, I will provide here a brief, stripped-down introduction to the topic. In asymmetric or public-key encryption there are two main players: the encryption algorithm itself (RSA, ECC, ElGamal, …) and a cryptographic key pair (there

Thumbnail

FIDO Aims at Standardized Strong Authentication

In the early 1990s, a company called Softswitch found itself at a strategic crossroads in that it held the key to integrating disparate electronic messaging systems. So strategic, in fact, that Lotus Software paid $62 million to acquire the company and send a ripple of fear through its main email competitor Microsoft. In a story