Tag: passwordless
-
A security tool that nobody wants to use – Yubico To continue our effort to peel back the layers on the journey to passwordless, Yubico talked with former Navy intelligence officer and University of Tulsa professor, Sal Aurigemma, about his research in the behavioral information security field. Professor Aurigemma focuses on end-user experiences and adoption rates of authentication technologies. He regularly runs field experiments with […] Read more MFA passwordless -
Discover passwordless with Okta and YubiKey at Oktane21 Okta’s premier identity conference, Oktane21, is taking place virtually on April 6-8, and Yubico is once again a proud sponsor. This year, Yubico will highlight our continued partnership with Okta and showcase the YubiKey as the key to trust. Okta Adaptive MFA and the phishing-resistant YubiKey allow organizations to quickly and securely deploy strong multi-factor […] Read more Okta passwordless -
Go Passwordless with YubiKey and Microsoft Azure Active Directory Today, Yubico celebrates an important milestone in the evolution of modern authentication. We are excited to report that YubiKey passwordless authentication is now generally available to Microsoft’s Azure Active Directory (Azure AD) users, a critical step toward achieving better security without compromising usability. Nearly three years ago, Yubico started on this journey with Microsoft and […] Read more Microsoft 365 Microsoft Azure passwordless -
Separating fact from fiction in your journey to passwordless authentication Say the word “passwordless” to a room full of security professionals and you will get a range of reactions, from a wry smile to a walk-out. That’s because the information security community knows that “passwordless” is a loaded term, and the industry is filled with differing and contradictory positions on the topic. The purpose of […] Read more featured passwordless -
What is a Secure Static Password? How is a ModHex static password generated? Utilizing ModHex and its 16-character alphabet, and encoding that introduces a measure of “randomness”. A 32-character ModHex password would take a hacker around five billion years to even get a 1 in 2,158,056,614 chance of a correct guess (yes, that’s two billion!). Even a 16-character ModHex password would take around […] Read more OTP passwordless static password YubiKey -
What is CTAP? How does CTAP work? FIDO2 consists of two standardized components, a web API (WebAuthn) and a version 2 of CTAP. The two work together and are required to achieve a passwordless experience for login. The earlier FIDO U2F (Link to FIDO U2F Glossary) protocol working with external authenticators is now renamed to CTAP1 in the WebAuthn specifications. […] Read more FIDO Alliance FIDO2 passwordless -
What is FIDO Universal 2nd Factor? What does it mean to be FIDO U2F Certified? FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide. FIDO Alliance manages functional certification programs for its various specifications (e.g. U2F and FIDO2) to validate product conformance and interoperability. […] Read more FIDO U2F security key FIDO2 passwordless -
What is Credential Stuffing? What are examples of credential stuffing? Read more passwordless phishing YubiKey -
What is Passwordless? Passwordless definition Passwordless is best thought of as a strategic direction for a company’s security to take. How fast you accelerate toward that goal all depends on how many steps are included in a passwordless strategic plan. Every company, depending on specific security context, is going to get there at a different speed — but […] Read more authenticator app FIDO Alliance multifactor authentication passwordless -
What is a Data Breach? How Do Data Breaches Happen? Read how you can educate yourself and your company on best practices to stop breaches here Data breaches by the numbers (source: Verizon 2020 Data Breach Investigation Report) Read more account takeovers data breach passwordless