What’s guarding your domain from unauthorized access?

March 23, 2018 2 minute read

Domains are a frequent target for phishing attacks that pose serious privacy risks and potential losses of millions of dollars in brand damage, lost revenue, stolen data, and recovery efforts. The threat of phishing greatly underscores the need to protect the front door to your domain.

We are excited to announce that Gandi is the first domain registrar to integrate support for the YubiKey and FIDO U2F authentication. With this new integration, Gandi customers benefit from greater security to safeguard domains and critical assets, such as SSL certificates, contained within.

The YubiKey delivers strong defense against phishing at the time of login, complementing Gandi’s promise to provide secure access to domain names, easy third-party integration, and powerful tools for everyone. Gandi is excited to offer users a more secure and easy-to-use 2FA protocol with FIDO U2F, and strongly encourages users to get YubiKeys.

“The user-experience was a big factor in our decision to integrate support. The ability to easily manage multiple tokens for multiple users offers a real-world example,” said Andrew Richner, Head of Communication at Gandi US. “The other factor is obviously security. Time-based one-time password (TOTP) has a few weaknesses that the challenge-response of U2F corrects. The resulting difficulty to phish a U2F user makes the YubiKey very attractive as a 2FA option. We love the portability and durability of YubiKeys too.”

Since adopting YubiKey support, Gandi reports that user feedback has been positive. “Our users have come to expect Gandi to be on top of new technology, and to offer a high level of security. We’re finding that it’s these customers in particular who are excited to spread the word about using Gandi and YubiKey together,” he added.

Gandi’s service features easy-to-use domain management tools that enable users to define access rights by organization, team, and individual, as well as delegate domains and hosting to collaborators no matter the organization structure or size. A domain at Gandi comes with a number of free services, including email addresses, http forwarding, an SSL certificate, and domain name system (DNS) management.

Gandi demonstrates a strong commitment to security and trust—all important values shared by Yubico—that is evident in our joint effort to provide a secure authentication solution to domain management. Learn more about what you can do with Gandi and the YubiKey.

Share this article:

Recommended content

#YubiSecure: Take your Twitter security to the next level with increased 2FA support

Great news YubiFans! As of today, Twitter made it a lot easier for you to tweet safely and keep your accounts secure. Phishing-resistant YubiKey authentication via WebAuthn is now supported on Twitter’s desktop, Android and iOS mobile applications.  With native WebAuthn support throughout the Twitter platform, you can register and use a USB-, NFC-, or Lightning-compatible security key, like ...

AWS Expands YubiKey Support with AWS SSO WebAuthn Integration

Another win for FIDO at the heels of its first industry conference, Authenticate 2020.  AWS Single Sign-On (SSO) has introduced native WebAuthn support to secure user access to AWS accounts and business applications using strong, FIDO-based multi-factor authentication (MFA) with YubiKeys.  Broader choice of authentication methods by AWS SSO is a win for modern authentication that has historically ...

Internet security myth-busters: Debunking 3 common misconceptions about two-factor authentication

October is National Cyber Security Awareness Month and this year, it comes at a time when we are using online services more than ever. The pandemic has forced many of us to almost entirely rely on our digital identities to work, shop, learn, and generally keep in touch, putting the resilience of authentication technologies to the test.  ...

Improving Performance and Security While Driving Down the Cost of Microsoft 365 - Yubico

Microsoft 365 comes with some shortcomings in the areas of security.