Phishing-resistant MFA for your hybrid and remote workforce

Enable secure MFA access for IAM and IDP platforms

Most leading hybrid and cloud environments leverage Identity and Access Management (IAM) and Identity Provider (IDP) platforms to enable employees to work without the hassle of multiple usernames and passwords. Using multi-factor authentication (MFA) with these services will enhance your security posture.

Enhance security across your entire organization by turning on phishing-resistant MFA with the YubiKey. Leading IAM platforms such as Axiad, Duo, Google Cloud, Microsoft Azure Active Directory, Okta Workforce Identity, OneLogin, Ping Identity platform and RSA SecurIDⓇ Suite natively support YubiKeys, and can be used for Single Single On (SSO) to messaging and video conferencing apps such as Microsoft Teams, Google Hangouts and Zoom.

Learn more about YubiKey integrations

Secure remote access technologies with MFA

Connecting via Virtual Private Networks (VPN) or Identity-Aware Proxies (IAP) to access corporate networks, protected resources or specific applications from unsecured home or public wifi can be risky if they are using legacy forms of authentication.  

The YubiKey secures remote access by enabling phishing-resistant 2FA or MFA for leading VPN applications such as Pulse Secure and Cisco AnyConnect, as well as other remote access applications, using smartcard (PIV), one-time password (OTP), FIDO U2F, or FIDO2 capabilities.

Protect computer login with MFA

If employee laptops are not secured properly, they can provide entry points for external threats leading to a security breach, which can have financial, legal and reputational repercussions for your business.

YubiKeys secure computer logins, protecting on-device applications and critical business data. Multiple login options include authentication for Macs and Windows computers including those connected via Azure Active Directory, Active Directory and Microsoft Accounts. One of the most effective ways to secure computer access is to leverage the YubiKey smart card functionality, requiring a YubiKey and a PIN.

Secure & portable authenticator app

Many of the services or applications used internally may support time-based one-time passcodes (OTPs) — such as Google Authenticator, Microsoft Authenticator, or Authy — as a two-factor authentication method.

You can enhance phone-based one-time passcode authentication with the Yubico Authenticator, a cross-platform authenticator app that improves security and portability by storing TOTP secrets on the YubiKey and not on the mobile phone. This allows users to generate the OTP codes within the app by inserting or tapping the YubiKey to a device. Yubico authenticator is compatible with iOS, Android, PC and Mac.

Secure SSH authentication keys

SSH credentials used to access business servers are high value targets for hackers, as they are used by developers and systems administrators who may have higher access levels to critical systems and data. Storing SSH private keys on local devices leaves them at risk of being stolen. Additionally, manually typing OTP codes for MFA slows down access times and productivity as it takes users away from their workflows.

SSH users can authenticate to remote systems using private keys stored securely on a YubiKey. Storing SSH private keys on a YubiKey ensures that they cannot be copied, stolen remotely or accessed by malware on the device. Using YubiKeys also offers greater convenience and faster logins – with a single touch users are securely authenticated. YubiKeys can work with SSH with a variety of authentication protocols including OpenPGP, PIV, FIDO U2F, or OTP.