• Security considerations for the top 8 mobile device-restricted workplaces When looking at enterprises and organizations, there are many different business scenarios that can be present when addressing secure authentication. Whether those be shared workstations, remote workers, or even privileged accounts, there is one in particular that introduces its own difficulties: mobile device-restricted workplaces.  It’s safe to say that there will always be workplaces which, […] Read more authentication FIDO MFA mobile authentication phishing-resistant MFA WebAuthn
• Google Chrome U2F API decommission: What the change means for your users and how to prepare With advancement often comes change. Some changes are exciting, like providing new features and broader support, while other changes can be a minimal bump in the road or, in extreme cases, cause adverse effects on end users. With Yubico’s commitment to keeping our customers updated on the latest in changes to security protocols, we wanted […] Read more Google Google Chrome MFA U2F WebAuthn
• Put Your Finger on the Pulse of What’s New with the YubiKey Bio Series Today, we are announcing the YubiKey Bio Series, Yubico’s first-ever YubiKeys supporting biometric authentication. The YubiKey Bio was first previewed at Microsoft Ignite in 2019 where we showed a live demo of passwordless sign-in to Microsoft Azure Active Directory accounts. We’ve taken the time to ensure that we are launching products that are highly secure […] Read more biometrics passwordless WebAuthn YubiKey YubiKey Bio
• Top five pitfalls companies should avoid when rolling out a passwordless strategy Given the number of breaches in the news today where passwords were at the root of the problem, many companies are now exploring the benefits of a secure passwordless future. Secure passwordless logins not only bring cost efficiencies and a more frictionless user login experience into the organization, but deliver the security that is necessary […] Read more FIDO2 passwordless WebAuthn YubiKey
• FIDO authenticators and YubiKeys are making the internet safer In 2007, Yubico set out to protect as many people as possible by making secure login easy and available for everyone. We are happy Apple has joined Yubico, Google, and Microsoft on this journey by implementing W3C WebAuthn/FIDO compatible platform authenticators and are pleased to say that now all major platforms have adopted the standards […] Read more FIDO FIDO Alliance WebAuthn YubiKey
• How will authentication standards evolve in 2021 and beyond? Authentication standards development is like a slow-moving, winding river. It often takes years of dedicated work to reach new milestones, yet it feeds the entire security ecosystem and sustains digital workflow safety throughout the enterprise. While the benefits of this river are often invisible to the end-user, CISOs and developers are thinking about the river’s […] Read more FIDO2 PIV strong authentication WebAuthn
• Wrapping up 2020: A year where technology and internet security prevailed Never has the world been more dependent on the internet, and never has it been more attacked than in 2020. In fact, it proved to be a year where trust in many of our systems was challenged. Yet I remain an eternal optimist and believe that we can transform the hard lessons learned in 2020 […] Read more phishing security WebAuthn yubico.com YubiHSM
• Lessons from the SolarWinds incident Last week, a large and expertly run espionage operation was made public — one that began no later than October 2019, and which had been actively exploiting victims since at least early 2020. This incident is particularly interesting for several reasons: for the breadth of sensitive global government and industry targets, for misuse of a […] Read more identity and access management NIST security WebAuthn
• What is a Brute Force Attack? What are the goals of a brute force attack? The ultimate goal of a brute force attack is to steal password and login credentials to gain access to online accounts. After an attacker gains access it doesn’t stop there. They may use accounts to send out spam or phishing messages to other users. Another action […] Read more multifactor authentication phishing security key WebAuthn
• What is the W3C? What does the W3C do? W3C’s primary activity is to develop protocols and guidelines that ensure long-term growth for the Web. W3C’s standards define key parts of what makes the World Wide Web work. Did W3C author Webauthn? Webauthn was developed under the umbrella of the World Wide Web Consortium (W3C). Yubico along with Microsoft and […] Read more passwordless w3c WebAuthn