Stop Account Takeovers
The key to truly secure MFA
Modern and secure authentication to protect
against account takeovers
Spending on cybersecurity keeps going up, but account takeover and phishing related breaches aren’t abating, because legacy 2FA/MFA methods remain vulnerable. Security you can trust requires a physical factor that is never fooled - such as the Yubikey.
Stop account takeovers and phishing
Fraudsters and hackers are getting smarter and more sophisticated. Account takeovers and breaches were up a whopping 424% in 2018 despite companies spending hundreds of billions of dollars to strengthen their cybersecurity postures.
Many organizations have successfully eliminated account takeovers with the YubiKey. Even if a user is tricked into giving up their personal info, the YubiKey isn’t fooled. User credentials are built on strong public-key cryptography and bound to the service, offering account takeover protection by ensuring that only the real site can authenticate with a key.
Make existing security solutions stronger
Passwords offer little if any protection against account takeovers. Research by Google, NYU, and UCSD based on 350,000 real-world hijacking attempts has proven that on-device prompts, secondary emails, SMS codes and phone numbers aren’t as effective as a security key in preventing targeted attacks.
Using strong public key cryptography, Yubikey strengthens security for 2FA and MFA, and makes passwordless a reality by requiring a physical key as the authentication controlling factor.
Account takeover prevention rate
Research by Google, NYU, and UCSD based on 350,000 real-world hijacking attempts. Results displayed are for targeted attacks
Source
Offer the best user experience
SMS codes, one-time passwords, and mobile push authenticators all require additional cumbersome steps while not being very secure. Waiting for and typing in one-time codes, or going through extra steps creates user fatigue and decreases workforce productivity and MFA adoption.
With YubiKeys, users login with a single touch or tap. They don’t require connectivity to work and are always available and ready for authentication. Strong hardware-based security is combined with an intuitive user experience that’s 4 times faster than SMS.
CASE IN POINT
Facebook balances security and usability
Situation:
Facebook’s access to the personal information of billions of people has made it a highly valuable target for cyberattacks. As a part of Facebook’s ongoing security strategy, their engineering team wanted to implement strong two-factor authentication (2FA) for their development environment. The solution needed to scale to thousands of developers, and enable seamless security without interrupting workflow.
YubiKey Solution:
Facebook chose the YubiKey, which was deployed to thousands of developers within a matter of months. Once the engineering team proved the YubiKey could meet all of their complex requirements, Facebook deployed YubiKeys across the entire company.
The Result:
Facebook deployed YubiKey-enabled 2FA, protecting every single SSH access instance, email systems and VPN. In addition to employees, Facebook also supports YubiKey authentication to help billions of users prevent fraud, account takeovers, and data theft from highly persistent attackers—helping to ensure the platform’s integrity and security for everyone who uses Facebook every day.
“Protecting against remote attackers is a constant challenge, because once they gain access, they can move laterally through the organization to get the data they want. We wanted a 2FA solution to prevent that lateral movement, so if an engineering laptop gets compromised, the attackers can’t pivot into the production environment and access critical data,””
—John “Four” Flynn, Information Security Manager, Facebook Inc.
