• Discover passwordless with Okta and YubiKey at Oktane21 Okta’s premier identity conference, Oktane21, is taking place virtually on April 6-8, and Yubico is once again a proud sponsor. This year, Yubico will highlight our continued partnership with Okta and showcase the YubiKey as the key to trust.  Okta Adaptive MFA and the phishing-resistant YubiKey allow organizations to quickly and securely deploy strong multi-factor […] Read more
• Go Passwordless with YubiKey and Microsoft Azure Active Directory Today, Yubico celebrates an important milestone in the evolution of modern authentication. We are excited to report that YubiKey passwordless authentication is now generally available to Microsoft’s Azure Active Directory (Azure AD) users, a critical step toward achieving better security without compromising usability. Nearly three years ago, Yubico started on this journey with Microsoft and […] Read more
• Separating fact from fiction in your journey to passwordless authentication Say the word “passwordless” to a room full of security professionals and you will get a range of reactions, from a wry smile to a walk-out. That’s because the information security community knows that “passwordless” is a loaded term, and the industry is filled with differing and contradictory positions on the topic.  The purpose of […] Read more
• What is a Secure Static Password? How is a ModHex static password generated? Utilizing ModHex and its 16-character alphabet, and encoding that introduces a measure of “randomness”. A 32-character ModHex password would take a hacker around five billion years to even get a 1 in 2,158,056,614 chance of a correct guess (yes, that’s two billion!). Even a 16-character ModHex password would take around […] Read more
• What is CTAP? How does CTAP work? FIDO2 consists of two standardized components, a web API (WebAuthn) and a version 2 of CTAP. The two work together and are required to achieve a passwordless experience for login. The earlier FIDO U2F (Link to FIDO U2F Glossary) protocol working with external authenticators is now renamed to CTAP1 in the WebAuthn specifications. […] Read more
• What is FIDO Universal 2nd Factor? What does it mean to be FIDO U2F Certified? FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide. FIDO Alliance manages functional certification programs for its various specifications (e.g. U2F and FIDO2) to validate product conformance and interoperability. […] Read more
• How YubiKey Stops Credential Stuffing at the Protocol Key Takeaways What is credential stuffing? Credential stuffing doesn’t require a sophisticated exploit or a zero-day vulnerability. An attacker takes a list of usernames and passwords stolen from one breach, points an automated tool at login forms across the web, and tests every combination at scale. Bots handle the volume, submitting stolen credential pairs faster […] Read more
• What is Passwordless? Passwordless definition Passwordless is best thought of as a strategic direction for a company’s security to take. How fast you accelerate toward that goal all depends on how many steps are included in a passwordless strategic plan. Every company, depending on specific security context, is going to get there at a different speed — but […] Read more
• What is a Data Breach? How Do Data Breaches Happen? Read how you can educate yourself and your company on best practices to stop breaches here (source: Verizon 2020 Data Breach Investigation Report) Read more
• What is FIDO 2? What does it mean to be FIDO2 Certified? FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide. FIDO Alliance manages functional certification programs for its various specifications (e.g. U2F and FIDO2) to validate product conformance and interoperability. A FIDO2-certified device, […] Read more