Security conscious Apple users should take a look at YubiKey 5Ci
If you’re passionate about security and privacy (and you should be) then you may want to know that the world’s first Lightning-compatible security key is available now, from one of the big names in hardware-based authorization, Yubico.
Introducing the YubiKey 5Ci
The YubiKey 5Ci was announced at CES earlier this year. It’s the world’s first security key to feature a dual Lightning and USB-C connector for secure authentication for iOS, Android, MacOS, and Windows devices.
It lets you lock your device up to protect data, passwords, applications, networks and more. This makes it a compelling proposition for any major enterprise – which is why products from the company are already in useby 9 of the top 10 internet brands.
What does Yubico say?
“The YubiKey 5Ci fills a critical gap in the mobile authentication ecosystem,” said Jerrod Chong, Chief Solutions Officer, Yubico.
“It is the first iOS-friendly security key on the market to offer strong, yet simple authentication over a Lightning connection, while still delivering a unified experience across other mobile, desktop or laptop devices. In an increasingly mobile-first world, where users are not tied to one machine, the YubiKey 5Ci serves an important role as a portable root of trust, proving that users are who they say they are, no matter what device they are on.”
How does it support third party apps and services?
The people who made the key have worked with other companies to provide support for it.
These partnerships mean the key will let you secure access to your password managers, adding a welcome additional layer of security to 1Password, Bitwarden, Dashlane, Idaptive, LastPass, and Okta. If you don’t have the key, you won’t get into the passwords.
You can also access other services, such as Bitbucket.org, GitHub.com, Login.gov, Twitter.com, and 1Password.com, using the Brave iOS browser, which iscurrentlythe only iOS browser to support WebAuthn over Lightning.
How can app developers support the key?
App developers hoping to introduce support for the key in their apps can use the Yubico Mobile SDK for iOS. This should be of particular benefit to enterprise developers.
What are partners saying?
Yubisoft provided the following list of quotes from existing partners:
- “We are thrilled to roll out WebAuthn support for 1Password, in partnership with Yubico. 1Password is continually looking for ways to increase the security of our customers, and the all-new Yubikey 5Ci provides a great extra layer of security on iOS devices.” — Jeff Shiner, CEO, 1Password.
- “Industry realists will be the first to admit that security is only as effective as it is convenient. The YubiKey 5Ci works across devices and operating systems, and Dashlane is excited to partner with like-minded businesses that are more focused on making digital life simple and secure than building ecosystem lock-in.” — Emmanuel Schalit, CEO, Dashlane
- “Security and privacy are the fundamental goals of every aspect of the Brave browser. We’re always looking to provide a seamless and safe online experience. That means integrating the most effective authentication technologies as soon as they’re available. We’re excited that Brave is the first mobile browser to feature robust and secure phishing-resistant login by adding support for the YubiKey 5Ci.” — Brendan Eich, CEO and Co-Founder, Brave
What kind of security does this support?
The key is equipped with FIDO2/WebAuthn, FIDO U2F, OTP (one-time password), PIV (Smart Card), and OpenPGP. With support for multiple authentication protocols, the YubiKey 5Ci also provides strong multi-factor (MFA), second-factor (2FA), and single-factor passwordless authentication.
What do the reviews claim?
Early reviewers are very positive, but point out that until WebAuthn tech is used by more sites and services the usefulness of the tech should improve. All the same, a solution like this absolutely provides the best security you can currently find.