YubiKeys from Yubico enable full Multi-Factor Authentication via a hardware token when it is not feasible or desirable to use a soft-token. It enables strong cryptographic protection and seamless touch-to-sign functionality wherever logins are processed in the Authlogics ecosystem – on Windows Desktop, for access to websites and cloud applications, access to remote systems and any scenario supported by Authentication Multi-Factor Authentication.
YubiKey devices can be reprogrammed and the new crypto keys imported into the Authlogics Authentication Server for 100% offline use. Alternatively, they will work out of the box however Internet access is required to validate each logon via the Yubico Cloud.
Users are able to register their own tokens via the Self Service Portal and all device enrolment information is securely stored in Active Directory.
How it works
YubiKey prevents unauthorized access by requiring the physical presence of the key to log in to a device. YubiKey can be configured as ‘something you have‘ as part of a traditional multi-factor authentication process, or as password replacement, or a mixture of both. The user plugs the key into a USB port and touches the gold button or edge of the key to generate a unique password string. When processing this, the device Id from the password string is checked against the value stored for the user and the password string is then sent to the YubiKey servers to determine if the login is correct.
We support all YubiKey series 4, series 5 and FIPS USB devices that support Yubico OTP. The “blue” Security Key Series devices are NOT supported. The YubiKey 5 and YubiKey 5C are designed for keychains, so they go everywhere you do, whereas the YubiKey 5 Nano and YubiKey 5C Nano are designed to stay inside the USB port.
Yubikeys can be provisioned in seconds by either the administrator or the user. A YubiKey is provisioned to a user by adding it as a device, either by the administrator via the Management Console or Web Management Portal, or the user can do it themselves using the Self Service Portal.
- Prevents unauthorised access where a physical hardware token is required
- Use as a two-factor token or as a password replacement together with Windows Desktop Logon Agent
- Improve security when accessing internal & Cloud-based applications such as Office 365
- Works with Authlogics Authentication Server to provide Emergency Override Access and AD password resets
- Integrates into Active Directory without schema modifications
- Hardware secure elements guard your encryption keys.
- Works on Microsoft Windows, Mac OS X, Linux operating systems, and on major browsers
- Easy to setup. Users can self-provision their YubiKey
- Conveniently fits on a keychain, in a wallet, or inside a USB port