Jun 28, 2021
Top five pitfalls companies should avoid when rolling out a passwordless strategy
Given the number of breaches in the news today where passwords were at the root of the problem, many companies are now exploring the benefits of a secure passwordless future. Secure passwordless logins not only bring cost efficiencies and a more frictionless user login experience into the organization, but deliver the security that is necessary …
Jun 15, 2021
Built-in FIDO authenticators and YubiKeys are making the internet safer for all
In 2007, Yubico set out to protect as many people as possible by making secure login easy and available for everyone. We are happy Apple has joined Yubico, Google, and Microsoft on this journey by implementing W3C WebAuthn/FIDO compatible platform authenticators and are pleased to say that now all major platforms have adopted the standards …
Apr 29, 2021
How will authentication standards evolve in 2021 and beyond?
Authentication standards development is like a slow-moving, winding river. It often takes years of dedicated work to reach new milestones, yet it feeds the entire security ecosystem and sustains digital workflow safety throughout the enterprise. While the benefits of this river are often invisible to the end-user, CISOs and developers are thinking about the river’s …
Dec 30, 2020
Wrapping up 2020: A year where technology and internet security prevailed
Never has the world been more dependent on the internet, and never has it been more attacked than in 2020. In fact, it proved to be a year where trust in many of our systems was challenged. Yet I remain an eternal optimist and believe that we can transform the hard lessons learned in 2020 …
Dec 23, 2020
Lessons from the SolarWinds incident
Last week, a large and expertly run espionage operation was made public — one that began no later than October 2019, and which had been actively exploiting victims since at least early 2020. This incident is particularly interesting for several reasons: for the breadth of sensitive global government and industry targets, for misuse of a …
What is a Brute Force Attack?
Learn More 5 best practices for companies serious about data privacy The anatomy of a phishing email: 5 things to look for before you click 2020 state of passwords and authentication security report Developer Resources How WebAuthn can limit data breaches
What is the W3C?
Learn More A big day for the internet: W3C standardizes WebAuthn 10 things you’ve been wondering about FIDO2, Webauthn, and a passwordless world Developer Resources Try WebAuthn on the Yubico WebAuthn demo site View the full OS and web browser support matrix for FIDO2/WebAuthn
What is a root of trust?
* Source: Ponemon Report – 2019 State of Password and Authentication Security Behaviors Report
What is WebAuthn?
How does WebAuthn work? WebAuthn is an API that makes it very easy for a relying party, such as a web service, to integrate strong authentication into applications using support built in to all leading browsers and platforms. This means that web services can now easily offer their users strong authentication with a choice of …