The Future of Secure Online Identities

Since I started my journey as a hardware authentication innovator, I have heard people say that the future of authentication is software. Or TPMs. Or biometrics. Or invisible data intelligence that will silently protect us all. Today, it is fair to say that all these predictions were right – when they are combined into a comprehensive strategy.

But in order for secure online identities to scale to all services and users, open standards “plumbing“ is necessary. And it includes open authentication and identity standards that are natively supported in leading platforms and browsers, enabling strong crypto between a range of authenticators and the services they protect.

In 2013, when Wired published the first article on U2F, Yubico received many valid questions on this new authentication protocol. We shared our response in a Future of Authentication FAQ blog. The content is still valid, so if you did not read it then, we welcome you to do so now.

A couple of months ago, Yubico was invited to a panel discussion at the European Identity & Cloud Conference with the topic, “The Future of Authentication – Killing the Password.” Identity experts from Microsoft, Salesforce.com and NRI all agreed that the “plumbing” must be open standards, and that there is no silver bullet for the multi-factor options we add as an extra layer of user verification. The YubiKey did, however, get high marks – Salesforce mentioned that it took only two days to deploy YubiKeys for 17,000 employees, and Microsoft disclosed that Windows Hello will eventually accept external hardware authenticators. Until biometrics have proven to be more robust, passwords are actually not that bad. Or to quote the warning message that the latest Nexus phone presents when setting up a biometric login: “Using your fingerprint to unlock your device may be less secure than a strong password, PIN, or pattern.” (Watch the EIC panel presentation.)

Those same identity experts agreed on one more important trend: authentication and identity will be separated. FIDO U2F is one of the open standards protocols that makes that separation possible. It lets you have assorted identities, including a real identity tied to your driver’s license, a temporary identity for your work, and an identity that allows you to be “secure, yet anonymous”. This can be life critical for dissidents and journalists, and will help safeguard internet privacy for the rest of us.

P.S. The picture above is an example of the latter. I once showed up at the office disguised as the famous fictional hacker Lisbeth Salander, and no one recognized me.

Talk to our teamTalk to our team

Share this article:


  • Cybersecurity in 2025 – part two: Insights and predictions from Yubico’s expertsIn part one of our 2025 cybersecurity predictions, we highlighted insights from our experts on the topic of passkeys, digital identity wallets and the threats of AI-driven phishing – areas that saw a lot of focus in 2024, and ones that we expect to continue being a major focus this year. If you missed our […]Read morecritical infrastructurefederal governmentfinancial servicespredictions
  • Cybersecurity in 2025: Insights and predictions from Yubico’s expertsWith 2024 behind us, we saw another challenging year in the world of cybersecurity – highlighted by new and evolving threats like Artificial Intelligence (AI)-driven phishing and increasingly sophisticated cyber attacks overall. Yubico’s September Global State of Authentication Survey confirmed the challenges, even underscoring the potential risks of these new threats. The report emphasized the […]Read moreAIdigital identity walletspasskeyspredictions
  • State of Global Authentic(age)ion: A look at cybersecurity habits by generationsNo generations were left untouched when it came to the threat of hackers in 2024: from the impact of political shakeups, to increasingly sophisticated cyber attacks targeting consumers, critical industries and infrastructures, the world was on high alert. Fueled by a dramatic increase in phishing attacks circumventing certain forms of legacy multi-factor authentication (MFA), as […]Read moreState of Global Authenticationsurvey
  • Yubico named finalists of German digital identity innovation competitionIn 2023, Yubico began collaborating on an exciting open standards identity project – wwWallet – to shape the future of digital identity across Europe and beyond. The project saw immediate success solving problems for global identity, and was submitted in the German SPRIN-D European Digital Identity (EUDI) Funke competition which aims to develop and test […]Read moreEU Digital Identity WalletEUDIwwWalet