• What is a Man-in-the-Middle (MiTM) Attack?

    In cryptography and computer security, a man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.
    Back to Glossary
    What is the goal of a Man-in-the-Middle attack?

    The goal of these attacks are to steal personal user information. Examples are usernames and passwords, credit card information, or account details. Attackers then use obtained information to access account information, change login credentials, or initiate unapproved fund transfers.

    How do I prevent Man-in-the-Middle attacks?

    Security keys that use FIDO U2F are there to protect you. Some phishing attacks prompt users to enter their credentials on a fraudulent site. With security keys, user login is bound to the origin, meaning authentication will fail on a fake site since it has no prior credentials set up to authenticate.

    What are some other ways to protect myself from a man-in-the-middle attack?

    Check the url’s of the websites you are visiting. One good thing to look for is that the s in “https” of the url is there. Hackers will manipulate url’s to look like original sites.

    Try to avoid connecting to public wi-fi routers, especially if you need to do a sensitive transaction. Avoiding wi-fi networks that are not password protected is also a good idea.

    Double check any suspicious looking emails. Sometimes hackers will send emails saying you must reset your username and password. If you’re getting these emails make sure they’re coming from service directly.

    Learn More

    Developer Resources

    Get Started

    YubiKey 5 series
    Find the right YubiKey

    Take the quick Product Finder Quiz to find the right key for you or your business.

    Let’s start
    Get protected today

    Browse our online store today and buy the right YubiKey for you.

    Shop now