Hardware-based password-less authentication
May 06, 2021
Hardware-based password-less authentication
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Yubico
Currently, we use Yubico as a single sign-on solution for our administrators. We recently migrated to Azure AD and Yubikey 5 supports passwordless authentication which is a big plus. We are investigating whether a rollout to all users would be beneficial. This will depend on business decisions of device types that we are going to support and where the key works.
Pros
- Passwordless authentication
- Hardware-based tokens
- Support NFC and USB
Cons
- NFC cannot be used reliably when on a keychain, phones do not detect it properly anymore.
- In fact you need two keys for backup purposes and that can be expensive.
- Combination of work/private use of Yubikeys.
- Not firmware updatable.
- Ease of use for the end user.
- Hardware based authentication.
- Support of password-less authentication.
- Better security for privileged accounts.
- Investment is overseeable.
Hardware-based authentication is much better than software-based because it cannot be forged. Also, users lose their software authenticators when they move to a new phone. Yubikey always works, does not need a battery, and is built around safety. The protocol is well defined and supports multiple standards.
Do you think Yubico YubiKeys delivers good value for the price?
Yes
Are you happy with Yubico YubiKeys's feature set?
Yes
Did Yubico YubiKeys live up to sales and marketing promises?
Yes
Did implementation of Yubico YubiKeys go as expected?
Yes
Would you buy Yubico YubiKeys again?
Yes
Comments
Please log in to join the conversation