Archive
-
Why your one time OTP legacy MFA is setting you up for a security breachLearn how phishing-resistant MFA addresses the gaps that legacy MFA creates.
Read more -
Yubico Authenticator 6 is here!Earlier this year we announced the upcoming release of Yubico Authenticator 6, the next version of our YubiKey authentication and configuration app. We released a beta version, first for desktop, and then for Android, and we solicited your feedback. We got plenty of it, and have been busy incorporating a lot of it into the […]
Read more -
Five Strategies to Scale Phishing-Resistant MFA in 2023 – YubicoLegacy multi-factor authentication (MFA) has not worked against modern cyber threats due to inability to stop phishing and other account takeovers. Modern MFA, such as YubiKeys, have been proven to stop phishing attacks and account takeovers in their tracks. Only solutions based on Smart card/PIV or FIDO protocols are truly phishing-resistant according to the National […]
Read more -
What is Yubico OTP?
How does Yubico verify Yubico OTPs? In order for Yubico OTP to work with YubiCloud (Yubico’s validation service) the information programmed into the YubiKey must also be uploaded to the YubiCloud. As part of the process of manufacturing every YubiKey, a Yubico OTP credential is programmed into slot 1, and its information is also transferred to YubiCloud, […]
Read more -
What is a Secure Static Password?
How is a ModHex static password generated? Utilizing ModHex and its 16-character alphabet, and encoding that introduces a measure of “randomness”. A 32-character ModHex password would take a hacker around five billion years to even get a 1 in 2,158,056,614 chance of a correct guess (yes, that’s two billion!). Even a 16-character ModHex password would take around […]
Read more -
What is One-Time Password (OTP)?
How do one-time passwords work? OTPs are delivered in many ways, usually via an object the user carries with him, such as his mobile phone (using SMS or an app), a token with an LCD-display, or a security key. OTP technology is compatible with all major platforms (desktop, laptop, mobile) and legacy environments, making it a very […]
Read more -
YubiCloud
Strong two-factor validation for any IT system and online service Strong security YubiKey secrets protected with YubiHSM Hardware Security Module. Business continuity Redundant service with locations on multiple continents. Fast protection Free and easy web API integration in less than an hour. How YubiCloud works Get started with free web APIs for fast and easy […]
Read more -
OATH – HOTP
How does HOTP work? HOTP is essentially an event-based one time password. Two inputs are required: the seed from the server and the counter from HOTP. The two sync each time a code is validated and the user gains access. What’s the difference between HOTP and TOTP? The biggest difference between HOTP and TOTP is that HOTP […]
Read more -
CERN deploys YubiKeys to protect accounts and server accessCERN protects critical assets, easily integrating systems to provide protection with just a touch.
Read more -
iPhone support for YubiKey OTP via NFCWill my YubiKey NEO work on iPhones now that iOS 11 added some NFC support? It’s a fair question – one that we’ve been getting a lot of. This blog explains some of the details about iPhone support for YubiKey OTP to help bring some clarity to YubiKey users. First, it’s important to understand the […]
Read more