Yubico YubiKey Bio offer a new element of security
The move away from relying on passwords and using biometric authentication instead is gathering steam.
The move away from relying on passwords and using biometric authentication instead is gathering steam. We already rely heavily on face and fingerprint recognition to unlock phones and access apps on them, but this movement isn’t restricted to mobile phones.
Microsoft has been leading the charge towards password-less authentication with Windows Hello face and fingerprint login. Recent MacBook Pros also offer fingerprint login.
Additionally there are hardware keys that you plug into a USB port to authenticate.
Yubico has been in the device security business since 2007 and has produced several generations of YubiKeys.
Traditionally, you authenticated by inserting the key in a USB, and pressing a button on it.
It’s a secure system that a hacker cannot replicate unless they physically steal the key and insert it themselves.
In some cases, these keys can also be used for two-factor authentication, where you press the button instead of typing in, say, a six or eight digit code sent via SMS or email, or provided by an authenticator app.
It depends on whether the application is geared to accepting hardware keys.
Yubico is closing off the possibility of a security breach should your YubiKey be lost or stolen with the YubiKey Bio Series, a hardware key that contains your fingerprint biometric information stored in a secure element. A third party won’t be able to authenticate with it.
It’s more expensive than the current YubiKey 5 Series that comes without fingerprint support but you get that extra level of security. The YubiKey Bio with a USB-A plug is $US80 ($112) while the USB-C version is $US85 ($119).
Setting up the YubiKey Bio is easy enough and there are alternative ways to do it. You can download and install the Yubico Authenticator which will help you register a PIN and your fingerprints on the device. You can also register fingerprints using the Windows Settings Accounts option and via Google Chrome.
The other issue is knowing which applications allow authentication using the YubiKey Bio. Yubico offers a “Works with YubiKey” catalogue online for this.
You can use fingerprint authentication with Google accounts, AWS Identity and Access Management, and Single Sign-On, Microsoft accounts and Azure Active Directory, Facebook, Twitter, salesforce.com, Microsoft Edge browser, Citrix Workspace, Dropbox Personal, YouTube, Yahoo, Okta (if activated) and eBay, to name some.
Several password safes can use it, such as 1Password, Bitwarden (Premium) and DashLane, which adds an extra layer of security to applications you simply cannot afford to be hacked.
The downside is that you have to register the YubiKey with each app that will use it. Yubico offers links to instructions but this can take time.
The support list for YubiKey Bio isn’t as extensive as with the current YubiKey 5 Series, such as support for accounts and apps that use time-limited passcodes that change every 30 seconds or so, and smart cards. Yubico says more functionality for YubiKey Bio is on the way.
Atlassian founders add $4bn to their personal fortunes
The personal fortunes of two of the nation’s richest businessmen rocketed by a massive $4bn on paper Friday when investors responded to their tech company beating revenue expectations.
How DeepSeek has exposed the short lifespan of monopolies
The top investors will tell you that monopolies are the best investments money can buy but as the emergence of China’s DeepSeek shows, assumptions about sectors can be short lived.