Fujitsu
Not logged in » Login
X

Please login

Please log in with your Fujitsu Partner Account.

Login


» Forgot password

Register now

If you do not have a Fujitsu Partner Account, please register for a new account.

» Register now

Recent Discussion:

NickBown | 22.12.2018, 14:18
We have come across this issue as well, and don't seem to have found a way around it (the server is ...
NickBown | 20.12.2018, 18:40
Hi everyoneWe've got an RX2540 M1 which won't boot past the Fujitsu splash screen (which shows the i...
MarkM | 15.10.2018, 11:33
Hi there.I do not believe the Fujitsu policy on this subject has changed.So NO you can not order dri...
Dec 21 2014

Gifts for Geeks, Pt. 3: YubiKey NEO

/data/www/ctec-live/application/public/media/images/blogimages/YubiKey-NEO--finger.jpg

It's the holiday season again, and just like every year, ICT vendors are churning out new compute devices and electronics that sport a certain geek (or nerd) appeal. Far from being a buyer's guide, our little series introduces a few of the most convenient, innovative and useful gadgets to put under the tree.

Whether you're sending out Season's Greetings via Gmail or using mTANs to buy presents – pretty much every online service you rely on these days may sooner or later be compromised by rampant identity thieves or state-backed hackers. Typically, these folks then proceed to plunder your bank accounts or ruin your career and relationships. To make these attacks a little harder, many service providers now support two-factor authentication to offer legitimate customers a secure login option into their network and keep the bad guys out. Sound good? Of course it does. The only trouble is that two-factor authentication solutions on the market tend to be proprietary and often require additional hardware and client software. Besides, there's almost always some kind of user interaction involved – and we all know how irritating it is to find oneself typing in the wrong OTP more than once. In short, many existing solutions are not exactly comfortable to use.

By contrast, the YubiKey NEO from Yubico turns authentication into a piece of cake. The NEO is basically a USB stick with a button on top that can be worn as a key fob, so rather unspectacular on the outside. But inside it carries one of the most versatile and complete "authentication stacks" you'll find at a two-digit price. Essentially an OTP generator, the NEO plugs into any USB port on a desktop or mobile device, produces a 44-character sequence every time the user presses the button and automatically sends it to the service he or she wants to access. That way, YubiKey owners no longer have to deal with unintelligible OTPs that only appear onscreen for 30 seconds. Along with this major convenience, the device offers other technical advantages that set it apart from competing products, namely platform independency and compatibility with multiple authentication protocols: the YubiKey NEO works with Windows, Mac OS and Linux as well as Android and iOS, supports most major browsers, allows for authentication via NFC, and provides smart card functionalities such as authentication via OpenPGP or Personal Identity Verification. Its most advanced feature, however, is the built-in support for U2F, or the Universal Second Factor protocol that was first introduced by the FIDO (Fast Identity Online) Alliance – a consortium of leading hard- and software vendors, service providers and credit card companies – about a year ago. According to recently published specifications, U2F "use[s] standard public key cryptography techniques to provide stronger authentication. During registration with an online service, the user's client device creates a new key pair. It retains the private key and registers the public key with the online service. Authentication is done by the client device proving possession of the private key to the service by signing a challenge. The client's private keys can be used only after they are unlocked locally on the device by the user." To unlock the keys, users only need to press the button and – voilà! – here they pop up on their Gmail account or collaboration platform. It doesn't get a lot easier than that.

The YubiKey NEO is available either directly from Yubico's web shop or from various online retailers in North America and Europe at an average price of 50 dollars/euros. First customer reviews indicate that this may be a good investment – while the NEO can't compete with modern top-of-the-line solutions, it does offer a reasonable amount of security at a reasonable price. For anything that's truly important and confidential, you might have to revert to classic PKI concepts or Fujitsu's PalmSecure ID Match – or better still, one-on-one meetings.

 
SHARE

Comments on this article

No comments yet.

Please Login to leave a comment.