As time goes on, the internet gets to be a more dangerous place. It seems like every day we read another story about another data breach or ransomware attack because simple safety precautions were not taken by users or network administrators. And while you may never be able to change someone else's behaviors to make yourself safer, you can make changes to your own security to help prevent others from putting you in harm's way. Our favorite tactic to protect ourselves is by using a YubiKey by Yubico.
Before we can discuss the YubiKey itself, we need to discuss what multi-factor authentication is. Multi-factor authentication (MFA) is a method of confirming someone's identity by using two or more independent pieces of evidence. The most common type of MFA is something you know and something you have. Something you know would be a password or PIN number, while something you have can be your phone, biometric identifiers like fingerprints, or the YubiKey itself.
The benefit of MFA is that it makes it much harder for someone to gain access to your accounts and information, as they now need two pieces of evidence, rather than just one. This significantly reduces the chance of someone being able to access your accounts and data without your consent.
A YubiKey is a physical key fob or USB device that serves as a second factor of authentication. It contains an embedded secure element that generates and stores cryptographic secrets used to generate one-time passwords (OTPs). When inserted into the computer or scanned using near-field communication (NFC), it sends the OTPs to the authentication backend. It is designed to be a very quick, easy, and secure way of authenticating yourself on your accounts or accessing data.
When combined with traditional username and password login credentials, a YubiKey provides an additional layer of security that makes it much harder for unauthorized individuals to gain access to your accounts and data. This highly secure form of two-factor authentication is becoming more popular due to its convenience and effectiveness in protecting user accounts. By adding a YubiKey to your security arsenal, you can be sure that the data stored on your online accounts are safe and secure from malicious actors. It's an easy and effective way to protect yourself and your data.
In addition to personal uses for a YubiKey, there are a lot of other places where the device can be used. For example, a lot of the corporate hacks we see could have been prevented by a secure MFA system. Even if a company uses text-based MFA, a SIM can be cloned by a determined hacker and access can still be granted. In addition, it prevents the terrible new trend of "zero trust" in corporate IT where they always assume that you've died unless you verify otherwise, destroying computers simply because you forgot to log into the VPN or some other process.
The company also puts a focus on global concerns. For example, they have provided devices to the Ukrainian government to help secure their governmental infrastructure. There was no requirement for them to do this, but they felt it was important enough to the country and the world to do what they could to help out.
Scott is a developer who has worked on projects of varying sizes, including all of the PLUGHITZ Corporation properties. He is also known in the gaming world for his time supporting the rhythm game community, through DDRLover and hosting tournaments throughout the Tampa Bay Area. Currently, when he is not working on software projects or hosting F5 Live: Refreshing Technology, Scott can often be found returning to his high school days working with the Foundation for Inspiration and Recognition of Science and Technology (FIRST), mentoring teams and helping with ROBOTICON Tampa Bay. He has also helped found a student software learning group, the ASCII Warriors, currently housed at AMRoC Fab Lab.