Will passwords soon be obsolete?

Although passwords are no longer considered secure, the future of digital authentication is still uncertain. One possibility would be the security key YubiKey.


Just recently we reported here on our blog that simple passwords and even password-based multi-factor authentication are no longer a guarantee that accounts cannot be hacked. (learn more)



Physical key as alternative to password

The company Yubico from San Francisco offers a possible alternative. The company sells the security key YubiKey, which can basically be used like a conventional key to open locked accesses – just digitally. The key can be inserted into computers via the USB interface, and smartphones or tablets can be “unlocked” via NFC by holding the key in front of them. Without this physical key, attackers are denied access. As long as the YubiKey is not lost, it offers its users a very high level of security.

Yubico was founded in 2007 in Stockholm. Founder and CEO Stina Ehrensvärd later relocated the company’s headquarters to Silicon Valley. She created a non-commercial alliance of technology companies that together developed the open standard FIDO (Fast IDentity Online) to enable strong authentication and in the future to easily to be able to do without compromising passwords.

“Our goal is to make passwords redundant and the Internet more secure.” – Stina Ehrensvard (CEO & Founder, Yubico)

Common solution for competing tech giants

YubiKeys are already being used internally by a number of large technology companies, including Google, Twitter and Microsoft. However, this should only be the beginning. With the vision of the physical key as a password replacement and common standard, Stina Ehrensvärd was able to bring rival tech giants Apple, Google and Microsoft together.

Apple, Google and Microsoft have announced plans to offer passwordless sign-in options on their platforms in the future. Of course, this does not necessarily mean that a YubiKey must be used. Scanning a face or fingerprint, for example, can also enable secure access. Either way, dial-in without a password could soon be rolled out across large parts of the Internet.

“This milestone is a testament to the collective work across the industry to improve protection and eliminate obsolete password authentication.” – Mark Risher (Senior Director of Product Management, Android at Google)
Source: Handelsblatt