The YubiKey -- HOW IT WORKS
A single YubiKey has multiple functions for protecting access to your email, your apps and your physical spaces. Use one or more Yubikey features, or use them all. The versatile YubiKey does not require software installation or a battery; just plug it into a USB port, and touch the button for secure and strong authentication. A Yubikey is something you have that provides security protection beyond something you know (like a username/password). Even if someone steals your username and password (which is happening in bunches lately) they can’t get into your account without your physical key.
Let’s take a look at the options a Yubikey provides:
YUBICO ONE-TIME PASSWORD (OTP)
The YubiKey generates an encrypted password that can only be used once. Hackers require physical access of your YubiKey to generate the OTP. This feature is available on every YubiKey except the U2F Security Key.
OATH – HOTP (EVENT)
The Yubikey generates a six or eight character one-time password (OTP) for logging into any service that supports OATH-HOTP, a strong open authentication standard. The action is event-based, meaning a new one-time password is generated for each event. The OATH-HOTP feature is available on every version of Yubikey except the U2F Security Key.
OATH – TOTP (TIME)
The Yubikey generates a six or eight character time-based one-time password (OTP) (in conjunction with a helper application) for logging into any service (such as Microsoft Cloud accounts, Google Apps, Dropbox, EverNote) that supports OATH-TOTP, a strong authentication standard. A new password is generated at a set time interval, typically every 30 seconds. The OATH-TOTP feature is available on every version of Yubikey except the U2F Security Key.
CHALLENGE AND RESPONSE (HMAC-SHA1, YUBICO OTP)
The Challenge-Response method is best suited for offline validations. Use for Windows, Mac, and Linux computer login. The CR feature is available on every version of Yubikey except the U2F Security Key.
PIV-COMPLIANT SMART CARD
Smart Cards contain a computer chip that brokers data exchanges. These same features are contained in the Yubikey NEO, based on the industry standard Personal Identity and Verification Card (PIV) interface over the CCID protocol, which supports PIV on a USB interface.
OPENPGP
In the physical world, documents and data are often validated with a signature. In the virtual world, OpenPGP is a standards-based public key cryptography for signing, encrypting, and decrypting texts, e-mails, files, etc. The Yubikey NEO can securely hold the PGP key.
FIDO U2F
An emerging standard from the FIDO Alliance for applying two-factor authentication to any number of web-based applications, such as Gmail. Works via the browser, Chrome today, Firefox under development) and does not require any drivers. Does not require any client software or drivers. Read more about FIDO U2F. U2F is available on every version of Yubikey except the YubiKey Standard and YubiKey Nano.
STATIC PASSWORDS
A basic Yubikey feature that generates a 38-character static password compatible with any application log-in. It is most-often used with legacy systems that cannot be retrofitted to enable other 2nd factor authentication schemes, such as pre-boot login. Static password is available on every version of Yubikey except the U2F Security Key.
View all YubiKeys on a chart showing which features they each support. Specific applications and step-by-step instructions are on our Applications page.
The YubiKey -- HOW IT WORKS的更多相关文章
- The YubiKey NEO -- Smartcard features
Smartcard features on the YubiKey NEO YubiKeys are a line of small and low-cost hardware security to ...
- The YubiKey NEO
The YubiKey NEO The YubiKey line of hardware one-time-password (OTP) generators has been on the mark ...
- spring注解源码分析--how does autowired works?
1. 背景 注解可以减少代码的开发量,spring提供了丰富的注解功能.我们可能会被问到,spring的注解到底是什么触发的呢?今天以spring最常使用的一个注解autowired来跟踪代码,进行d ...
- [Unity][Heap sort]用Unity动态演示堆排序的过程(How Heap Sort Works)
[Unity][Heap sort]用Unity动态演示堆排序的过程 How Heap Sort Works 最近做了一个用Unity3D动态演示堆排序过程的程序. I've made this ap ...
- How PhoneGap & Titanium Works
转载自 http://www.appcelerator.com/blog/2012/05/comparing-titanium-and-phonegap/ How PhoneGap Works As ...
- Saying that Java is nice because it works on every OS is like saying that anal sex is nice because it works on every gender.
Saying that Java is nice because it works on every OS is like saying that anal sex is nice because i ...
- How Garbage Collection Really Works
Java Memory Management, with its built-in garbage collection, is one of the language's finest achiev ...
- 攻城狮在路上(肆)How tomcat works(零) 前言说明
最近几篇是关于How tomcat works一书的读书笔记. 通过数个章节逐渐实现一个tomcat的功能. 源码下载地址:http://zhidao.baidu.com/share/7007af0f ...
- The Magic only works with total devotion of one's heart
The Magic only works with total devotion of one's heart All tools and equipments are useless without ...
随机推荐
- 再谈OPENCV(转)
转自:http://blog.csdn.net/carson2005/article/details/6979806 尽管之前写过一篇关于OpenCV的介绍(http://blog.csdn.net/ ...
- linux 系统网卡无法识别,缺少驱动
#linux网卡驱动安装# Linux设备加载 #lsmod Module Size Used by e1000e 查看硬件设备 ls /usr/share/hwdata 查看pci网卡设备 lspc ...
- sqlserver日期推算(年,季度,月,星期推算)
DECLARE @dt datetime SET @dt=GETDATE() DECLARE @number int SET @number=3 --1.指定日期该年的第一天或最后一天--第一天为1月 ...
- 参数化SQL语句
避免SQL注入的方法有两种:一是所有的SQL语句都存放在存储过程中,这样不但可以避免SQL注入,还能提高一些性能,并且存储过程可以由专门的数据库管理员(DBA)编写和集中管理,不过这种做法有时候针对相 ...
- day5模块学习--shutil模块
shutil模块 高级的 文件.文件夹.压缩包 处理模块 os模块提供了对目录或者文件的新建/删除/查看文件属性,还提供了对文件以及目录的路径操作.比如说:绝对路径,父目录…… 但是,os文件的操作 ...
- swift中Double转String
swift上手有好几天了.发现swift除了本身的几个基本类型转换,一些比较特殊的数值类型转换需要“桥接”到Objective-C来进行- 代码当然也很简单- var numString = &quo ...
- gluster学习(一)
2)Bricks • Brick是一个节点和一个导出目录的集合,e.g. node1:/brick1 • Brick是底层的RAID或磁盘经XFS或ext4文件系统格式化而来,所以继承了文件系统的限制 ...
- NHibernate 错误
Unable to locate persister for the entity named 'Model.Customer'.The persister define the persistenc ...
- nginx中配置文件的讲解
一: 1.配置文件的结构 nginx由配置文件中指定的指令控制的模块组成. 指令分为简单指令和块指令. 一个简单的指令由空格分隔的名称和参数组成,并以分号(;)结尾. 块指令具有与简单指令相同的结构, ...
- ZOJ 4010 Neighboring Characters(ZOJ Monthly, March 2018 Problem G,字符串匹配)
题目链接 ZOJ Monthly, March 2018 Problem G 题意 给定一个字符串.现在求一个下标范围$[0, n - 1]$的$01$序列$f$.$f[x] = 1$表示存在一种 ...