Multi-factor authentication or MFA is critical to keep business systems, like Microsoft 365, Azure or AWS (Amazon Web Services) secure. With all your employees logging in each day, from different devices, different locations and using different internet providers, robust cyber security is essential. Without it, your business is vulnerable to data security breaches.
What is YubiKey?
YubiKey adds an extra layer of security as part of your MFA set up. Think of it like a door key. It is a hardware device that looks like a small USB stick and you or your employees use it to access your online accounts. Like a door key, it’s fast and easy to use and without the physical key you can’t log in, ensuring only the authorised account holder can gain access.
Read more about multi-factor authentication and why it’s so important for your business in our MFA guide.
Using our smart phones for MFA has become the norm. For Microsoft 365, Microsoft Authenticator offers a convenient MFA app for smart phone users that is highly secure, especially in repelling phishing attacks. However, what happens for users who don’t have a smart phone?
Previously, SMS-based (text message) authentication has been used. Unfortunately it is now outdated and can be easily exploited by hackers. A physical security key cannot be intercepted or spoofed in the same way, significantly increasing your security when compared to SMS-based authentication.
What makes YubiKey MFA so secure?
The YubiKey 5 series incorporates the latest security technology, using public key cryptography to repel phishing attacks.
Unlike passwords, which are a form of shared secret security, YubiKey MFA relies on physical security. Authentication information is stored on a secure chip that has no connection to the internet and your access data isn’t stored by Microsoft (or your service provider for other online accounts). These credentials can’t be exposed in the data breaches we regularly hear reported on the news.
Using YubiKey is far more secure than SMS authentication, which is still widely used despite its vulnerabilities. SMS relies upon your phone’s SIM card, which can be cloned or swapped by malware giving hackers access to your text messages and authentication codes. Text messages can also be easily intercepted or spoofed, compromising your security.
YubiKey, as a physical key, cannot be digitally cloned, intercepted or spoofed.
Need secure, MFA authentication for M365 users without a smart phone? Get YubiKey here:
(Please note that these are affiliate links to Amazon and we may be paid for qualifying purchases).
How does YubiKey work as part of my MFA?
Using YubiKey for Microsoft MFA is easy. YubiKey has multi-protocol support and cross platform compatibility, which means it can be used effortlessly with all major protocols and operating systems. YubiKey 5’s NFC (near field communication) and Lightning connectivity means it works equally seamlessly with Apple and Android devices.
You can easily incorporate YubiKey into Azure MFA. For AWS MFA, YubiKey is an ideal extra authentication step. YubiKey also provides additional security for Microsoft 365, and a long list of other online services.
It’s easy to set up. Here’s how to use YubiKey:
- Open MFA or 2 Step verification settings on M365 (or any required service).
- You will usually be asked to verify your access credentials (for example, by entering the password).
- Select ‘Security Key’, then insert and tap your YubiKey.
- Name your security key.
For more on how to set up MFA, see our guides for Microsoft 365 and Google.
To use the YubiKey to log in is even easier:
- When requested by your service, you insert your YubiKey.
- Tap your YubiKey.
- Continue as normal.
- Once the YubiKey has been verified for a device, you won’t need to use it every time you log in.
Connectivity types for different devices
YubiKey is designed to work with many kinds of laptops, tablets and mobile phones by using the following connectors with your device:
- USB-A: Traditional USB connector
- USB-C: Newer, smaller USB connector
- Lightning: For Apple devices like iPhones
- NFC: Wireless, tap-and-go access.
Biometric and Non-Biometric
There are two types of YubiKey, biometric (fingerprint scanning) and non-biometric. Both are equally effective and offer robust security.
How can I get the YubiKey?
You can purchase YubiKey through Amazon, follow our affiliate (paid) links:
As you know, the data security landscape is continually evolving. Our cyber security consulting and training, informed by the latest trends, will take the worry of missing something off your hands. Contact us for a chat about your needs.