• A security tool that nobody wants to use – Yubico To continue our effort to peel back the layers on the journey to passwordless, Yubico talked with former Navy intelligence officer and University of Tulsa professor, Sal Aurigemma, about his research in the behavioral information security field. Professor Aurigemma focuses on end-user experiences and adoption rates of authentication technologies. He regularly runs field experiments with […] Read more
• Ping Identity partner brief PingID and YubiKey together comprise a modern MFA solution. Read more
• Okta partner brief The YubiKey and Okta Adaptive MFA provide the strongest level of identity assurance and defense against phishing and man-in-the-middle attacks, while also delivering a simple and seamless user experience Read more
• Duo Security partner brief YubiKeys coupled with Duo MFA provide an easily understood, secure solution. Read more
• What is IAM (Identity and access management)? Identity and Access Management Identity and Access Management (often abbreviated IAM) is a combination of technologies, techniques, and policies employed by companies to manage conditional user access across elements of their tech stack. The form IAM takes can vary widely across different enterprises, but the two primary objectives of Identity and Access Management are undeniably […] Read more
• FIDO2 passwordless authentication Key Takeaways Successful Implementation Requires a Plan for Recovery and Legacy Systems. Users must register both primary and backup authenticators to prevent lockouts. Multi-protocol hardware security keys that support both FIDO2 and traditional standards like PIV/Smart Card enable phased modernization, enabling a transition away from legacy systems over time. The Authentication Paradox: Why Adding Layers […] Read more
• Multi-factor authentication (MFA) explained What is multi-factor authentication? Multi-factor authentication (MFA) can greatly enhance security while delivering a positive user experience. MFA is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence, or factors, to an authentication mechanism. * The 2019 State of Password and Authentication Security […] Read more
• Protect against cyber threats in retail and hospitality Stop account takeovers while enhancing customer experience The high availability of sensitive data including payment card information (PCI) and employee and customer personal identifiable information (PII), makes retail and hospitality organizations a lucrative target for cyberattacks including phishing, ransomware, and data theft.   A core part of a strong Zero Trust cybersecurity approach is multi-factor authentication […] Read more
• Modern Multi-Factor Authentication (MFA)  Not all MFA is created equal While MFA can be a strong first-line of defense, not all forms of multi-factor authentication (MFA) are created equal. Legacy authentication such as usernames and passwords can be easily hacked, and mobile-based authentication such as SMS, OTP codes, and push notifications are highly susceptible to modern phishing attacks, malware, […] Read more
• Why mobile-based MFA is not phishing resistant The need for phishing-resistant MFA has become more apparent in recent times. Some experts estimate that as of 2020, spear phishing is linked to upwards of 95 percent of all successful attacks against organizational networks in both the private and public sectors. 2021 also saw some of the largest security breaches ever, including the Colonial […] Read more