The services that I have added the Yubikeys to so far support more than one Yubikey which allows you to have one at home and one for mobile. I will discuss what I liked or disliked about each. This post is specifically on the models that I purchased, the Yubikey 5 NFC and the Yubikey 5 Nano. Why is FIDO cool? Because it allows passwordless logins! The Yubikey 5 also supports FIDO U2F, PIV, OpenPGP, Yubico OTP, OATH-TOTP, OATH-HOTP, and challenge-response. The Yubikey 5 series added additional support that the older models lacked, like support for FIDO2 / WebAuthn and NFC (on specific models). You can use the Yubikey with Windows, Linux and MacOS, and there is some support for Android phones and iPhones. Currently, that is limited to the Google Chrome browser although there are reports that Firefox is developing support for it as well. This keeps a remote hacker from logging into your account.įor some services, you will need a browser that supports FIDO U2F. If a hacker compromises your device, the Yubikey will protect your identities, as you must physically touch the contact on the Yubikey to log in. Since you can use more than one Yubikey, you don’t have to be concerned about losing a single key if you have two of them. While software authentication apps are certainly better than no MFA, they are still potentially vulnerable to hacking attempts, and if lost could be difficult to recover from. The Yubikey gives you the ability to securely store/generate secrets in a hardware-based key. What is a Yubikey and why should I get one? Other common methods are using authenticator apps like Google Authenticator and Authy, or by using push approvals like Duo or the WordPress app. Some people/orgs opt to use SMS text messaging. Username and password is the weakest form of credential, and we really need to get better about securing our online identities. For years, as a security professional I have told people that they need to start using multi-factor authentication (MFA) if they aren’t using it already.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |