Secure Your Cloud Apps with USB key Authentication
Yubikey is actually a hardware device about the size of an USB stick that allows users to implement the two-factor authentication by simply touching a button. This type of authentication is more secure than the simple password and can be used to protect anything from emails to Dropbox accounts and financial apps (PayPal for example).
The interesting part about Yubikeys is the fact that they can be used by both high-end enterprises and individuals. They are simple to implement and extremely easy to use. For a better use, they come in two versions: with contact (the USB device) or contactless (using NFC or MIFARE).
I have a good password and I don’t need extra protection
Here is where you’re wrong. Passwords chosen by humans are weak and easy to break by an insistent hacker. Because we can’t remember random numbers and letters, we need to attribute meaning to the password and this is why the world’s most common passwords are pet names or dates of birth.
The world evolves quickly and right now we can use apps on our phones to withdraw money from financial accounts. Also, the phone is slowly becoming our wallet and, in case of lost or theft, we have a lot to lose.
The main danger: password recycling
We usually have a small group of passwords we use on various accounts and this is where the danger may be lurking. If you use the same password for your email and for your Facebook account, a hacker may take advantage of this. The world is filled with examples where a two-factor authentication could have saved the day and the hard earned money of a person.
Our recommendation is to increase your important accounts security by implementing the 2-factor (or 2-step) authentication as quickly as possible. It will take a bit longer to log in to the accounts, but your money and personal data will be safer than ever.
Yubico and the Yubikeys
In the past 12 months we have seen a large increase in hacking of cloud services like Google Apps, Office 365, Dropbox, and PayPal. Also, the prediction for 2016 is a further increase in hacking. Well, the Yubikey was created to provide enhanced security for these cloud services and keep your information safe.
As usernames & passwords are not enough to keep out the hackers anymore, a device like the Yubikey can make your cloud services close to 100% protected. Onsite Helper, in partnership with Yubico, will help you obtain that extra layer of security by helping you implement the Yubikeys. Our customers will receive the following:
- A shorter login time – the Yubikey is actually a device that will be attached to your computer. You simply have to press it in order to be authenticated. This allows you to get rid of apps that provide an additional security code, making the process quite long.
- Clear instructions on how to setup the Yubikey on your computer on Gmail or Google (this is mostly used for work).
We recommend all our clients to wear the Yubikey device on the keychain, for more availability. Still, if you want to keep it connected to the computer all the time, you can still use the 2-factor authentication. You can use the Google authenticator app (as explained at the link above) or have a unique, onetime SMS sent to your phone.
How does it actually work?
When you first sign into Gmail or Google Apps using the Google Chrome browser, you will be asked for your email address and password (as usual). Once the credentials are offered, the following page will ask for your USB security key to be inserted into the computer. You will have to insert the key and press the yellow key button. This authenticates you and you can now access your Google Apps.
You can choose to allow the account to remember you for 30 days so you don’t have to enter the key every time. But beware, only do this on your office computer, personal laptop or home computer.
How to setup?
Please follow the instructions below for securing your Google Apps. The process shouldn’t take more than 5 minutes.
Setting Up Your Google Account
- Insert the Yubikey USB in the computer and wait for the drivers to install. Make sure the USB device is introduced correctly if nothing happens.
- Open the Chrome browser and sign in to your Gmail account.
- To set up the 2-Step authentication for your Google account, click your image icon in top right corner next to your name. Next, click My Account.
- Click Sign-in & Security.
- In the section under Password & sign-in method, click on 2-Step Verification.
- If it is not already selected, select Verification Codes.
- Under Backup Options, click Add a phone number. This is where you set up the backup option, in case you lose the Yubikey or you don’t have it on you.
- In the Add backup phone number dialog box, enter your phone number and specify how you want to receive codes (usually by SMS text message).
- If you want to verify that your backup method works, click Send Code.
- Click Save.
- Now you are ready to register your Yubikey as your 2-Step Verification device. Click Security Keys, and then click Manage.
- This is the really cool part! If your Yubikey is inserted, remove it. Now click Register, insert your U2F Yubikey, wait for it to blink, and tap the Yubikey button. Your Yubikey is now registered to your account as your default 2-Step Verification device!
At the end of the process, the screen will display all devices that are registered to your account, so you can easily add another Security Key or remove registered keys. If you accidentally lose a Yubikey, come here and remove it from your account.
Logging In To Your Google Account
The login process is fairly simple as it will start normally, with your password and username. The second step will ask you to confirm the Yubikey and you will do so by inserting it in your computer. Wait for it to blink and tap on it when it does.
If you do not have the Yubikey with you, click Use a verification code instead. You can then use either a SMS text message with a backup code, or one of the eight backup codes you previously saved.
Where else can I use Yubikey?
The device is versatile enough to allow users to implement it on various accounts. This definitely simplifies the process of adding an extra layer of security to the most important accounts a user has.
Setting up for your Dropbox account
As an individual, you will use a Yubico U2F-compliant key with your Dropbox account. As you already imagine, once the 2-factor authentication is implemented, no hacker will be able to break your account without having access to the entire process.
To use the Yubikey you will need the following:
- An updated Google Chrome browser (starting with the version 38)
- One Yubikey device (you will have the possibility to choose the version)
- One of your fingers (this is a capacitive sensor)
- A Dropbox Account
Follow this link for step-by-step instructions on the setup process: //www.yubico.com/why-yubico/for-individuals/how-to-use-your-yubikey-with-dropbox/.
Setting up for PayPal
For this, you will need the Yubikey VIP which is programmed to work with the Symantec VIP credential. The Symantec VIP credential is used all over online financial apps and this includes PayPal and eBay purchases. This is the main reason behind the association with the Yubikey.
You can learn more information by following this link: //www.yubico.com/applications/internet-services/paypal-ebay/.
Setting up for the Windows Security System
It’s absolutely normal to want your Windows to be more protected and using the Yubikey device, it will be. The Windows Security System can be easily configured to ask for both the password and the Yubikey action before allowing you access to the main desktop.
We recommend creating a backup Yubikey for such an important account. This way, in case the primary key is lost, you’ll have a spare. For more information follow this link: //www.yubico.com/applications/computer-login/windows/windows-login/.
Setting up for Mac
To set the Yubikey for a Mac computer, you will need the Cross Platform Personalization Tool. To find out more detailed information, follow this link: //www.yubico.com/applications/computer-login/mac-os-login/.
If you wish to purchase the Yubikey or need help with setting up the Yubikey or any 2 step authentication, feel free to contact Onsite Helper on 03 9999 3106 or email@example.com Yubikey starts from $29 each.
Stay safe online