PALO ALTO, Calif. and STOCKHOLM, Oct. 26, 2011 — Yubico, the leading provider of easy-to-use two-factor authentication, today announced that the company has successfully implemented the Initiative For Open Authentication (OATH) Time-based One-time Password (TOTP) configuration for the YubiKey USB authentication key, enabling secure access to Gmail and Google Apps.
Built into the Google account framework to supplement traditional password protection, Gmail and Google Apps users are able to authenticate their login with an additional layer of security using OATH TOTP. The YubiKey simplifies the process of logging in with a one-time password token, as it does not require the user to re-type long passcodes from a display device into the login field of the computer.
“The OATH-TOTP configuration of the YubiKey enables Google Apps and Gmail users to authenticate with a simple click of the mouse, with a higher level of security than a smartphone application and with a minimal sized and practically indestructible token,” said Stina Ehrensvard, CEO and Founder, Yubico.
The OATH-TOTP protocol relies on using the current time to create a hash-based message authentication code for login credentials. To utilize the YubiKey to support this protocol, Yubico has developed a small Windows app. Once installed, the app sends the current time as a challenge to the YubiKey and the response is processed to produce the OATH-TOTP six-digit response.
The OATH-TOTP configuration is a complement to the further simplified and driverless Yubico OTP and OATH event based OTP configuration of the YubiKey, protecting the online identity for one million users globally.
Please visit yubico.com/totp for additional documentation on the Google two-factor authentication.
Yubico is the leading provider of easy-to-use two-factor authentication. The company’s flagship product, the YubiKey, uniquely combines driverless USB hardware with open source software. More than a million users in 95 countries rely on the YubiKey for online identity protection with simple and secure access to computers, networks and online services, including individuals, e-governments and Fortune 500 companies. Founded in 2007, Yubico is privately held with offices in California, Sweden and UK. For more information, please visit yubico.com.