When the internet was designed 30 years ago, security was not a priority as it was primarily created as a way to connect and easily share information with others around the world. Fast forward to today with news of hacks and breaches almost daily, much of the online world is trying to play catch up to help secure themselves, and in many cases, their companies by adopting better cybersecurity practices and tools.
Since Yubico was founded in 2007, the company’s mission is to address this important challenge and make the internet safer for everyone. As the pioneer of modern hardware security keys and co-creators of open authentication standards, including FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), Yubico takes the security of everyone very seriously.
Tech companies pushing MFA adoption
This past year, amid a massive transition to distributed workforces around the globe, stronger security practices and the need for strong authentication has become a necessity for organisations. This is leading many to make moves to secure their internal teams, as well as customers, to protect them from becoming victims of cyberattacks.
In line with this shift, Google recently confirmed plans to auto-enroll 150 million Google users onto its 2FA system (two-step verification or 2SV, as Google calls it), and require two million YouTube creators to activate it by November 1, 2021. Many other companies are also enforcing security key MFA for their applications and end users, including GitHub and Meta (Facebook) for its Business Manager tool, and it is expected this will only continue.
Yubico is thrilled to see further strong authentication adoption, but it should be noted that not all MFA is created equal. Just earlier this week, Motherboard published a piece on the underground market for bots that steal your SMS and app-based codes. The bots target the user specifically, tricking them to disclose their authentication codes and get them into the hands of a hacker. As noted in the article, ‘this existence and increased popularity raises questions on whether online services need to offer more phishing-resistant forms of authentication to protect users’.
Security Keys, like the YubiKey, which support modern FIDO/WebAuthn authentication, are the only proven method to prevent account takeovers. Currently, some of the world’s largest tech companies, including Google, Twitter, and Microsoft, as well as millions of users in 160 countries rely on the YubiKey to defend against increasingly sophisticated, widespread attacks like spear phishing and ransomware.
Modern, phishing resistant authentication with YubiKey
People have keys for their car and house, why would they not want one for their online identity, applications, and data? With authentication enforcement on the horizon, Google and YouTube creators, as well as users for any other supported apps or services, can protect accounts with the highest levels of security with the YubiKey 5 Series, as well as the recently introduced Security Key C NFC. Additionally, YubiKeys can be added to any keychain to travel with you or stay semi-permanent in your USB port, making them convenient wherever you are.
Yubico feels it has a responsibility to make the internet safer for everyone and support the mission in which the company was founded on. In some cases, access to tools like YubiKeys might be harder for some, which is why Yubico created the Secure It Forward program, which donates YubiKeys to high-risk individuals or organisations that are defending freedom of press, human rights, and election security. For every 20 keys sold on the Yubico e-commerce store, Yubico will donate 1 key to nonprofits, individuals, or organisations in need so they can immediately lock down their accounts. Additionally, Yubico has also been working with Defending Digital Campaigns (DDC) over the last year and a half providing YubiKeys to bi-partisan campaigns.
With education, training and the proper tools, usage and adoption rate of strong, modern 2FA and hardware keys, like YubiKeys, will only continue to increase. Do you want to see more of your favorite online services and apps protected from account takeovers? If yes, Yubico can help make it happen with this Tweet asking for YubiKey & WebAuthn support.
With YubiKeys, you can rest easy knowing that you’re investing in the most secure way to protect yourself online. To find out which YubiKey is the best fit for you, visit https://www.yubico.com/quiz/.