Department of Defense Contractors Replacing Legacy Two-Factor

2 minute read

PALO ALTO, Calif. and STOCKHOLM, Nov. 09, 2011 – Yubico, the leading provider of simple, open online identity protection, today announced a rapid increase of YubiKey orders from U.S. Department of Defense (DOD) contractors to replace legacy two-factor authentication tokens. The growing business within the defense sector validates the unique, high security processes provided by Yubico.

Leveraging technology designed for all vertical industries, including energy, technology, and government, the YubiKey serves as the key part of two-factor authentication solutions for U.S. defense organizations searching for simple and secure access to networks and cloud applications.

“Reinforcing our commitment to providing the most easy-to-use and dependable authentication products, Yubico technology, security processes and technical transparency are gaining acceptance by organizations with the highest security requirements,” said Stina Ehrensvard, CEO and founder of Yubico.

Earlier this year, a database with millions of RSA SecurID customer secrets was hacked in a major security breach. This breach raised concerns about the security processes for one time password (OTP) tokens. As a result of the incident, Yubico was contacted by DOD contractors performing audits for hardware OTP tokens as a vendor not affected by the breach.

The DOD contractors required that no copies of token secrets were stored at manufacturing facilities, or at any third party that could potentially break the security, as it apparently happened at the RSA breach. The tokens needed the ability to be easily programmed at their own facilities and the server software required technical transparency, ensuring there was no hidden weakness. The YubiKey was the only authentication product that met these requirements.

Manufactured by robots in Sweden, the YubiKey USB authentication key simplifies the process of logging in with an OTP token, eliminating the need to re-type long pass codes from a display device. The YubiKey is practically indestructible and fits easily on a keychain.  It works on all computers and platforms without the need for installing client software.

The RSA breach also highlighted the need to secure servers, including the secrets used to generate one time passwords, from remote attack. In addition to the YubiKey, Yubico reports an increase of orders for the YubiHSM, Yubico’s newly launched and the market’s most cost-efficient Hardware Security Module for protecting secrets on servers.

Please visit and for more information.


About Yubico

Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.

The company’s core invention, the YubiKey, delivers strong hardware protection, with a simple touch, across any number of IT systems and online services. The YubiHSM, Yubico’s ultra-portable hardware security module, protects sensitive data stored in servers.

Yubico is a leading contributor to the FIDO2WebAuthn, and FIDO Universal 2nd Factor open authentication standards, and the company’s technology is deployed and loved by 9 of the top 10 internet brands and by millions of users in 160 countries.

Founded in 2007, Yubico is privately held, with offices in Sweden, UK, Germany, USA, Australia, and Singapore. For more information:

Ashton Tupper

Director of Global Communications