Time Flies When Trying To Secure The Internet

September 3, 2015 3 minute read
person typing on keyboard

A year ago, I joined Yubico and wrote a blog with the headline “Welcome to the Future, It’s About to Get Really Interesting.”

On reflection, perhaps that was an understatement.

The past 12 months have seen unprecedented hacks on industry and government that have resulted in more than a billion stolen passwords and personal records. The carnage created enough of a pain point to move security and two-factor authentication from an afterthought to an active, mainstream conversation topic.

It was a wake up call to the weakest factor in security – the human factor.

Eyes popped out when Apple was hacked and celebrity nude pics were stolen. President Obama signed an executive order requiring the use of multi-factor authentication in federal agencies. Red Hat and Microsoft announced multi-factor authentication plans, New York State banking regulators added two-factor authentication to their definition of a secure environment, and the US Postal Service added two-factor authentication to its post-hack remediation efforts.

Then the Cavalry started to round up its horses.

In October 2014, Google announced the first application support for the FIDO Universal 2nd Factor protocol and gave Gmail (and eventually Google for Work) users strong authentication backed by simple-to-use public key cryptography in the form of a Yubico Security Key.

At Yubico, we grew to keep up with the changing security landscape. We developed a two-factor login app for Salesforce.com users, sweetened our YubiKey portfolio with U2F support, offered our Security Key as a complement to Google’s launch, continued to bring on handfuls of enterprise customers looking to secure authentication, and helped finalize and offer to the world the FIDO U2F specification we co-invented.

And that was all before the end-of-year holidays. (Oh yeah, and we brightened the holidays with an array of colorful YubiKeys).

In January, the FIDO U2F ecosystem was active and buzzing with chipmakers, biometric devices, YubiKeys, mobile apps/clients, wireless connectivity development, cloud services, open source software, and other goodies.

Our CEO talked internet security with President Obama at a cybersecurity summit in Palo Alto, and recruited Salesforce CEO Marc Benioff as an investor and advisor.

We drew crowds eagerly seeking two-factor authentication as a silver lining at conferences such as Showstoppers, RSA, Cloud Identity Summit and Black Hat.

We released the world’s smallest HSM, debated cryptographic key sizes, announced the YubiKey Edge with OTP and U2F support, earned FIDO Certification, contributed to the release of Bluetooth and NFC support for U2F, crowned three YubiKings, and saw Dropbox become the first non-FIDO online service to adopt U2F supported by the YubiKey.

We also met with Victoria, Crown Princess of Sweden, and her husband, Prince Daniel, in California and introduced them to the YubiKey. And we went Hollywood with the YubiKey’s good-guy cameo in the dramatic film “Blackhat.”

But among all that change, we had constants: our commitment to open source and standards; our faith in one key for many apps; our belief in the right to internet privacy; our integrity; our focus on secure authentication for computers, servers, and internet accounts; and on providing the world’s enterprises with simple and secure authentication.

The next 12 months are lining up to be even more energetic, so you can count on one additional constant: more to come from Yubico (soon!) and our continued presence at the forefront of strong authentication.

Share this article:

Recommended content

How YubiKeys are made: Security at scale

The first YubiKey was manufactured in Sweden in 2008. A few years later, part of our team moved from Stockholm to California, and we expanded our production capabilities to this part to the US West coast. It was a conscious choice to manufacture our products in the two democratic countries that were close to our ...

New Yubico for Free Speech Program Arms Nonprofits with Strong Authentication

2020 continues to be a challenging year in many ways for all of us, but today, we’re proud to share some hopeful news — Yubico is introducing the Yubico for Free Speech Program, an initiative designed to defend digital privacy, online security, and free speech for at-risk individuals and nonprofit organizations. As of July 1, ...

Star Wars Day Promo: May the 4th Be With You!

You don’t have to travel to a galaxy far, far away to find a more wretched hive of scum and villainy. Sadly, our world is facing an ever-growing number of phishing attacks from data smugglers (work with us here). But there is hope. A new force has awakened… You. And you’re armed with this… a ...

Why we designed the YubiKey the way we did

The first YubiKey was launched in 2008, inspired by the word ‘ubiquity’ and with the mission to make simple and secure logins available for everyone. At the time, we were less than 10 people in the company, but our strategy was simple: if we focused on further developing the YubiKey technology in close collaboration with ...