Yubico Delivers Secure Two-Factor Authentication for Gmail and Google Apps

PALO ALTO, Calif. and STOCKHOLM, Oct. 26, 2011 — Yubico, the leading provider of easy-to-use two-factor authentication, today announced that the company has successfully implemented the Initiative For Open Authentication (OATH) Time-based One-time Password (TOTP) configuration for the YubiKey USB authentication key, enabling secure access to Gmail and Google Apps.

Built into the Google account framework to supplement traditional password protection, Gmail and Google Apps users are able to authenticate their login with an additional layer of security using OATH TOTP.  The YubiKey simplifies the process of logging in with a one-time password token, as it does not require the user to re-type long passcodes from a display device into the login field of the computer.

“The OATH-TOTP configuration of the YubiKey enables Google Apps and Gmail users to authenticate with a simple click of the mouse, with a higher level of security than a smartphone application and with a minimal sized and practically indestructible token,” said Stina Ehrensvard, CEO and Founder, Yubico.

The OATH-TOTP protocol relies on using the current time to create a hash-based message authentication code for login credentials.  To utilize the YubiKey to support this protocol, Yubico has developed a small Windows app.  Once installed, the app sends the current time as a challenge to the YubiKey and the response is processed to produce the OATH-TOTP six-digit response.

The OATH-TOTP configuration is a complement to the further simplified and driverless Yubico OTP and OATH event based OTP configuration of the YubiKey, protecting the online identity for one million users globally.

Please visit yubico.com/totp for additional documentation on the Google two-factor authentication.

 

About Yubico

Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.

The company’s core invention, the YubiKey, delivers strong hardware protection, with a simple touch, across any number of IT systems and online services. The YubiHSM, Yubico’s ultra-portable hardware security module, protects sensitive data stored in servers.

Yubico is a leading contributor to the FIDO2WebAuthn, and FIDO Universal 2nd Factor open authentication standards, and the company’s technology is deployed and loved by 9 of the top 10 internet brands and by millions of users in 160 countries.

Founded in 2007, Yubico is privately held, with offices in Sweden, UK, Germany, USA, Australia, and Singapore. For more information: www.yubico.com

Press RoomPress Room

Share this article:


  • Works with YubiKey Spotlight: Expanded partnerships redefining phishing-resistance in 20252024 was an exciting year for Yubico and our partners. Together, we achieved remarkable milestones, launching innovative solutions and forging stronger partnerships – all aimed at delivering the most impactful cybersecurity solutions and user experience for our customers and partners. At the heart of these efforts lies a shared commitment to phishing-resistance.  From registration to […]Read moreWorks with YubiKeywwyk
  • Cybersecurity in 2025 – part two: Insights and predictions from Yubico’s expertsIn part one of our 2025 cybersecurity predictions, we highlighted insights from our experts on the topic of passkeys, digital identity wallets and the threats of AI-driven phishing – areas that saw a lot of focus in 2024, and ones that we expect to continue being a major focus this year. If you missed our […]Read morecritical infrastructurefederal governmentfinancial servicespredictions
  • Cybersecurity in 2025: Insights and predictions from Yubico’s expertsWith 2024 behind us, we saw another challenging year in the world of cybersecurity – highlighted by new and evolving threats like Artificial Intelligence (AI)-driven phishing and increasingly sophisticated cyber attacks overall. Yubico’s September Global State of Authentication Survey confirmed the challenges, even underscoring the potential risks of these new threats. The report emphasized the […]Read moreAIdigital identity walletspasskeyspredictions
  • State of Global Authentic(age)ion: A look at cybersecurity habits by generationsNo generations were left untouched when it came to the threat of hackers in 2024: from the impact of political shakeups, to increasingly sophisticated cyber attacks targeting consumers, critical industries and infrastructures, the world was on high alert. Fueled by a dramatic increase in phishing attacks circumventing certain forms of legacy multi-factor authentication (MFA), as […]Read moreState of Global Authenticationsurvey