This is a strong authentication method that requires the user to identify themselves in at least two different ways. For example, two-factor authentication combines something you know (a PIN or password) with something you have (a physical device like a security token) or a biometric (like a fingerprint).
But how do you strengthen authentication without overwhelming users; and how do you protect and monitor user access in today's multi-perimeter environments? Passwords alone no longer provide security here, as the current Verizon Data Breach Investigations Report 2017 shows. According to this, 81% of all security incidents are related to stolen, compromised or weak passwords. Up until a few years ago, logging into the corporate network was almost exclusively done from a secure network. Nowadays, companies have to grant user access via various channels, e.g. mobile technologies, social media and the cloud, control and implement. For all of these different access scenarios, authentication using only a user name and password no longer offers the necessary security.
What requirements must the authentication of the future have if the password no longer meets the criteria for an IT world increasingly characterized by cybercrime? Multi-factor authentication, or MFA for short, significantly increases the security of the authentication process by adding another level of security. In addition to the username and password, another factor is required when registering, such as a fingerprint, smartphone or smart card. This two-factor authentication can also be supplemented with other factors such as session ID, IP address, number of successful logins or the user's location.
A good half of all companies have fallen victim to digital industrial espionage or data theft in recent years, and the number of unreported cases is many times greater. One reason for the increasing cybercrime in the age of mobile and cloud computing is the increased attack surface as a result of advancing digitization and increasing networking of devices, processes and supply chains. In addition, intangible assets such as sensitive data, patents and specific knowledge are playing an increasingly important role in business and are therefore increasingly being targeted by cybercriminals. It is all the more important to protect data well without massively increasing the effort for data access.
A YubiKey is a small security token that enables secure two-factor authentication with a simple push of a button. YubiKeys are diverse enough for the largest companies, yet simple and easy to use for anyone. The tokens support FIDO U2F, (Yubico-OTP), OATH-OTP, OATH-HOTP, OATH-TOTP, OpenPGP and PIV. A key can be used for an unlimited number of applications. No drivers, client software or batteries are required. Depending on the key, both contact (USB) and contactless (NFC, MIFARE) communication is possible.
A one-time password (OTP) is a password that is only valid for one time use and can no longer be used for authentication after that. A Yubico OTP is a unique sequence of characters that is regenerated each time the YubiKey button is touched.
No, this is not possible. For security reasons, the security token does not allow access to the firmware.
We recommend enrolling an additional factor that can act as a backup to your YubiKey. Often this can be your Smartphone.
Please follow the steps below and then contact our support via email or phone to describe the problem.
- Check if you have correctly inserted the security token into the USB port.
- Check a different USB port on your computer and a different computer if possible.
- Open a text editor and press the security token.
- Check the display (if available).
FIDO (Fast IDentity Online) is an open standard for simple and secure authentication. The FIDO specifications and certifications enable an interoperable ecosystem of hardware, mobile, and biometrics-based authenticators that can be used with many apps and websites.
Yes, depending on which FIDO protocol the service, e.g. Google or Dropbox, uses and the security token supports.