It’s no secret Yubico is making a big investment in the FIDO Alliance’s U2F protocol, which we believe will significantly strengthen security on the internet. We are co-authors of the specification and no less than nine Yubico employees help steer the evolution of FIDO and U2F.
Recently, we joined with Google and Dropbox to support U2F strong authentication for hundreds of millions of users.
Over the past months, we’ve made U2F a base capability in our YubiKeys with the idea that all devices should support our internet commitment to deliver one key for many services. The public key cryptographic pedigree of the U2F protocol ensures security, privacy, and ease-of-use.
As part of this commitment, we will discontinue selling our YubiKey Nano as of March 16, 2016 and replace it with the YubiKey Edge-n, which has all the features of the Nano plus U2F.
This decision has little or no impact on current YubiKey Nano owners, who can continue to use the device as always for as long into the future as they like. Yubico will provide support for two years after March 16, 2016 for those with valid support contracts. (See the full set of policies on our website).
One of the most important security features of a YubiKey is that they cannot be upgraded. If you can’t write to the key neither can hackers, which means no chance of malware or stolen secrets. As alternatives, YubiKey Nano owners can complement their device with a U2F-only Security Key. Or they can opt for the YubiKey Edge-n. The YubiKey Nano then becomes a backup for all of its supported features — YubiKey one-time password, OATH time- and event-based OTPs, and static passwords. Or, we’re happy for you to just be happy with the YubiKey Nano you have.
So please don’t dwell on the industry standard, and ominous sounding, “End-Of-Life” term used in official announcements. We are not burying existing YubiKey Nano devices. Please use them and try to wear out the military-grade gold. The YubiKey will withstand your washing machine, your dog’s insatiable appetite, a winter spent in the snow, and being run over by just about anything.
The versatility of the YubiKey product lineup also remains, which includes support on various devices for other strong authentication options, services and features such as a PIV-compliant smart card, OpenPGP, and a secure element.
We are building a path to an internet future we think is paved with U2F support for all online services. We believe we have a clear vision of where strong authentication is headed and our goal remains delivering our customers to that destination.
Jakob Ehrensvärd is CTO at Yubico
