Yubico & Microsoft partner on phishing-resistant MFA

Today

Yubico has highlighted its role in supporting Microsoft's recently enforced requirement for multi-factor authentication (MFA), helping businesses build cyber resilience and move towards a passwordless future.

In the current digital climate, the prevalence of cyber threats such as phishing attacks is considerable, with incidents reportedly occurring every second. According to recent data from Microsoft Entra, the rate of password-based attacks on Microsoft cloud identities has escalated to 4,000 attacks per second, posing threats that include data exposure, service disruption, and network transmission interception.

Yubico is addressing these concerns through its partnership with Microsoft by providing modern, phishing-resistant MFA solutions. "Through our ongoing partnership with Microsoft, we are delivering modern, phishing-resistant multi-factor authentication (MFA) solutions to enable businesses to move towards a passwordless future," Yubico stated.

Microsoft's enforcement of MFA for all Azure sign-ins from mid-2024 marks a significant shift in its security protocol aimed at reducing account compromises. "Microsoft's recent requirement for MFA is a significant step towards enhancing security across its platforms," said Derek Hanson of Yubico. Microsoft research suggests that employing MFA can block more than 99.2% of account attacks.

The YubiKey, Yubico's flagship product, is positioned as a suitable solution for organisations needing to comply with these new security measures. "The YubiKey ensures that organisations comply with Microsoft's requirements while offering a seamless and secure authentication experience," Hanson added.

Yubico's collaboration with Microsoft is described as pivotal in its effort to improve organisational cyber resilience. "Our collaboration with Microsoft is a cornerstone of our mission to enhance cyber resiliency. Microsoft has been a pioneer in advocating for stronger security measures and has integrated wide support for YubiKeys across its ecosystem in recent years," Yubico emphasised.

The integration of YubiKeys with Microsoft Entra ID supports passwordless authentication, enhancing security and improving user experiences by removing the need for password management. This development aligns with Yubico's aim to deliver security solutions that are both robust and user-friendly.

The YubiKey offers several advantages over traditional passwords and software-based authenticators, including phishing resistance, ease of use, cross-platform compatibility, and durability. Yubico describes the YubiKey's phishing resistance using public key cryptography as making it virtually impossible for attackers to intercept authentication attempts.

Yubico and Microsoft's concerted efforts are part of a broader vision to transition towards a future defined by phishing resistance and passwordless access. "The future of cybersecurity lies in moving toward passwordless and becoming phishing-resistant," Yubico stated. Their partnership aims to enhance cyber resiliency and facilitate the global transition towards more secure and efficient authentication methods.

Share on: