Last month, we announced the expansion of both Yubico’s YubiEnterprise Subscription and our Security Key Series lineup, which included the addition of two new enterprise, FIDO-only (FIDO2/WebAuthn and FIDO U2F) keys. We’re excited to share that the Security Key Series are officially available today and can be purchased via our expanded YubiEnterprise Subscription program for […]
Read moreRansomware attacks and other types of cyberattacks in healthcare are growing, not only in amount, but in sophistication as well. The recent State of Ransomware in Healthcare report released by Sophos highlighted a 94 percent increase in ransomware attacks in 2021, with 66 percent of healthcare organizations hit by ransomware – up from 34 percent […]
Read moreThe world of cybersecurity continues changing rapidly. This has been catalyzed by the sudden shift to remote work, the increasing threat of cybercrime and the complexity of attacks. Understanding the new technological landscape, and what comes next, can be challenging. Hearing from experts who spend their daily lives not only thinking about and facing these […]
Read moreContinuous authentication is an emerging concept—a future ‘nirvana’ state of security that would provide the capability to validate a user’s identity in real-time as they maneuver between systems, applications, and devices. In theory, continuous authentication solutions would use risk signals from a variety of monitoring sources to authenticate users, identify potential threats and proactively remediate […]
Read moreWhen it comes to WebAuthn, there’s certainly no shortage of acronyms or protocols. But what do they mean, and which ones do you need to care about? Fret not – both clarity and help are available! In this blog, we’ll share tips on how to implement WebAuthn, as well as share news about java-webauthn-server library […]
Read moreStrong authentication practices are based on validating a number of authentication factors to a relying party (RP) or identity provider (IDP) to prove you are who the RP expects. Examples of relying parties could be Dropbox or Salesforce. Identity providers, who can also be a relying party that interacts with the authenticator, include Microsoft Entra […]
Read moreGiven the number of breaches in the news today where passwords were at the root of the problem, many companies are now exploring the benefits of a secure passwordless future. Secure passwordless logins not only bring cost efficiencies and a more frictionless user login experience into the organization, but deliver the security that is necessary […]
Read moreAuthentication standards development is like a slow-moving, winding river. It often takes years of dedicated work to reach new milestones, yet it feeds the entire security ecosystem and sustains digital workflow safety throughout the enterprise. While the benefits of this river are often invisible to the end-user, CISOs and developers are thinking about the river’s […]
Read moreHow does CTAP work? FIDO2 consists of two standardized components, a web API (WebAuthn) and a version 2 of CTAP. The two work together and are required to achieve a passwordless experience for login. The earlier FIDO U2F (Link to FIDO U2F Glossary) protocol working with external authenticators is now renamed to CTAP1 in the WebAuthn specifications. […]
Read moreWhat does it mean to be FIDO U2F Certified? FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide. FIDO Alliance manages functional certification programs for its various specifications (e.g. U2F and FIDO2) to validate product conformance and interoperability. […]
Read more