Systems that use passwords for authentication must have some way to check any password entered to gain access. If the valid passwords are simply stored in a system file or database, an attacker who gains sufficient access to the system will obtain all user passwords, giving the attacker access to all accounts on the attacked system, and possibly other systems where users employ the same or similar passwords. One way to reduce this risk is to store only a cryptographic hash of each password instead of the password itself. Standard cryptographic hashes, such as the Secure Hash Algorithm (SHA) series, are very hard to reverse, so an attacker who gets hold of the hash value cannot directly recover the password. However, knowledge of the hash value lets the attacker quickly test guesses offline. Password cracking programs are widely available that will test a large number of trial passwords against a purloined cryptographic hash.
A secure computer.
Computer security can be defined as controls and other software solutions that are put in place to provide confidentiality, integrity, and availability for all components of computer systems and to safeguard you from others accessing your private information.
What is the YubiKey?
The YubiKey is a hardware authentication device manufactured by Yubico that supports one-time passwords, public-key encryption and authentication, and the Universal 2nd Factor (U2F) and FIDO2 protocols developed by the FIDO Alliance. It allows users to securely log into their accounts by emitting one-time passwords or using a FIDO-based public/private key pair generated by the device. YubiKey also allows for storing static passwords for use at sites that do not support one-time passwords. Facebook uses YubiKey for employee credentials, and Google supports it for both employees and users. Some password managers support YubiKey. Yubico also manufactures the Security Key, a device similar to the YubiKey, but focused on public-key authentication.
At CES 2017, Yubico announced an expansion of the YubiKey 4 series to support a new USB-C design.
A single YubiKey has multiple functions for securing your login to email, online services, apps, computers, and even physical spaces. Use one or more YubiKey features, or use them all. The versatile YubiKey requires no software installation or battery; just plug it into a USB port, and touch the button, or tap-n-go for secure authentication.
It’s harder than ever to feel secure online
With daily news of data breaches and stolen passwords, it’s more important than ever to know that your accounts are protected. That’s why we invented the YubiKey so you can be sure it is only you logging into your accounts.