CA-YUBICO
Today Yubico (NASDAQ: YUBICO), the leading provider of hardware authentication security keys, announced the upcoming release of YubiKey 5.7 firmware for the YubiKey 5 Series, Security Key Series and Security Key Series - Enterprise Edition. With a focus on enterprise needs, these updates reinforce Yubico’s commitment to providing secure, simple, and scalable authentication solutions. Security keys with firmware 5.7 will be available to purchase in late May 2024, offering enhanced features such as improved PIN complexity, enterprise attestation, and expanded passkey credentials storage. These updates empower organizations to adopt passwordless-first, modern authentication, fostering phishing-resistant users worldwide.
As part of Yubico’s goal of helping enterprises raise the bar for security with greater flexibility, the company also announced the availability of Yubico Authenticator 7 which will support the upcoming YubiKey 5.7 features.
“Organizations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fueled by compromised employee login credentials, frequently resulting from attacks such as phishing. This trend is exacerbated by the rise in use of Artificial Intelligence (AI),” said Jeff Wallace, senior vice president of product at Yubico. “We’re excited to continue offering best-in-class solutions that protect organizations and accelerate their transition to passwordless with the latest enterprise-focused updates to the YubiKey. We’re confident that organizations are now better equipped than ever to enforce compliance requirements and elevate their security posture throughout their organization.”
YubiKey 5.7: Accelerating enterprises to passwordless
To help organizations tackle this challenge, Yubico’s key updates and enhancements to the YubiKey 5 Series and Security Key Series* include:
-
Enhanced PIN complexity across all YubiKey applications
- Block simple patterns and common PINs at the hardware level to enable compliance with upcoming NIST requirements and corporate mandates. This includes FIDO2, PIV, and OpenPGP.
-
Enterprise attestation
- Allow organizations to enforce the usage of YubiKeys that they purchased via custom programmed keys with enterprise attestation. Working in conjunction with identity providers, this capability can also facilitate the retrieval of unique identifiers during FIDO2 registration to streamline asset tracking and account recovery.
-
FIDO2 enhancements
- Empower organizations to enforce compliance requirements and elevate security measures surrounding PIN usage. YubiKey 5.7 implements FIDO Client-to-Authenticator Protocol (CTAP) 2.1, embracing the latest FIDO2 protocol features such as Force PIN Change and Minimum PIN Length.
-
Expanded passkey and passwordless storage
- Provide ample storage space to meet authentication needs while maintaining strong security standards. More storage for FIDO2 discoverable credentials (passkeys) and OATH one-time passwords will now accommodate up to 100 passkeys, 24 PIV certificates, 64 OATH seeds, and 2 OTP seeds at once for a total of 190 credentials.
-
Expansion and enhancement of public key algorithms for PIV applications
- Align with DoD memo requirements and offer advanced key management functions, enhancing flexibility for organizations through support of larger RSA keys (RSA-3072 and RSA-4096), as well as Ed25519 and X25519 key types.
-
Migration to Yubico’s own cryptographic library
- Yubico has developed a library in-house that performs the underlying cryptographic operations (decryption, signing, etc.) for RSA and ECC.
“The new features within 5.7 allow enterprises to streamline critical processes such as asset tracking and account recovery, while also enhancing flexibility,” said Wallace. “These updates empower enterprises with the latest authentication advancements and tools to build specific strategies for creating phishing-resistant users and mitigating phishing threats for employees, external identities, and customers.”
Capabilities in the new 5.7 YubiKeys also align with recent U.S. Government memo requirements on adopting phishing-resistant MFA and offer advanced key management functions. Compliance with upcoming NIST requirements and corporate mandates is also supported by enforcing the blocking of simple patterns and common PINs at the hardware level.
*Note: Smart Card/PIV capabilities, OATH and OTP credentials are not available on any Security Key Series thus these updates are not applicable. Enterprise attestation is available on the YubiKey 5 Series and Security Key Series - Enterprise Edition. See here for more details.
Yubico Authenticator 7: Hardware-backed authenticator app across desktop and mobile
Aligned with the 5.7 firmware release, significant updates within Yubico Authenticator 7 launched today in support of managing these new features. This new version enables use of the new public key algorithms for PIV, bringing more advanced management options and streamlines the interface for a better user experience when handling many credentials. Additionally, it adds localization with official support for French and Japanese, with additional community-provided translations. The app is now available for all major desktop platforms, as well as for Android. Enhanced features for iOS will be coming in the next version of the iOS application. It's the perfect companion to the new YubiKey 5.7, with its expanded credential storage.
The Yubico Authenticator delivers strong security by enabling users to store credentials on a YubiKey instead of a mobile phone, thereby significantly removing risks posed by remote attackers targeting software-based authenticator apps. By incorporating hardware-backed strong two-factor authentication in the YubiKey, credentials stays safe and the bar for security is raised while delivering the convenience of an authenticator app.
For more information on today’s innovation announcements from Yubico, visit here. To get the Yubico Authenticator 7 app, visit here.
About Yubico
Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries.
Yubico’s solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience.
As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240506185894/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
1GLOBAL Enables N26 to Become Germany’s first Digital Bank to offer eSIM Mobile Plans13.5.2025 14:30:00 CEST | Press release
In a move set to reshape the intersection of fintech and telecom, 1GLOBAL, a technology-driven global mobile communications provider, has teamed up with N26 to enable it to become the first digital bank in Germany to offer local mobile plans. This partnership will grant N26’s German customers seamless access to flexible, affordable, and contract-free mobile connectivity—all activated directly through the N26 app. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250513954446/en/ 1GLOBAL, a technology-driven global mobile communications provider, has teamed up with N26 to enable it to become the first digital bank in Germany to offer local mobile plans. By integrating 1GLOBAL’s cutting-edge API, N26 has unlocked a frictionless mobile experience that eliminates the need for physical SIM cards, lengthy contracts, or cumbersome paperwork. Customers can activate their mobile plans in a few taps, enjoying instant connectivity that mi
Novotech Wins Citeline CRO Partnership of the Year Award for Strategic Collaboration with Tune Therapeutics13.5.2025 14:05:00 CEST | Press release
Novotech a globally recognized full-service clinical research organization (CRO) and scientific advisory company, is proud to announce it has been awarded the Citeline CRO Partnership of the Year Award in recognition of its collaboration with Tune Therapeutics, a pioneering epigenetic editing company. This honor celebrates the teams’ partnership and sets a benchmark for CRO–biotech partnerships. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250513574699/en/ Novotech is proud to announce it has been awarded the Citeline CRO Partnership of the Year Award in recognition of its collaboration with Tune Therapeutics. The CRO Partnership of the Year award honors outstanding collaboration between a CRO and a pharmaceutical or biotech company that has advanced clinical programs through strong alignment and shared goals. Sarah Anderson, Director of Therapeutic Strategy, and Steve Roan, Associate Director of Business Development, acce
KnowBe4 Report Reveals Security Training Reduces Global Phishing Click Rates by 86%13.5.2025 14:00:00 CEST | Press release
KnowBe4’s 2025 Phishing by Industry Benchmarking Report shows a drop in the global Phish-prone™ Percentage (PPP) to 4.1% after 12 months of security training KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today launched its “Phishing by Industry Benchmarking Report 2025” which measures an organization’s Phish-prone™ Percentage (PPP) — the percentage of employees likely to fall for social engineering or phishing attacks, indicating the organization’s overall susceptibility to phishing threats. This year’s report found a global average baseline PPP of 33.1%, meaning a third of employees interact with phishing simulations before taking part in best-practice security awareness training (SAT). The data underscores the significant impact of SAT in mitigating risk. The rapid decline in the global PPP following the implementation of training — falling by 40% in just three months and by a total of 86% after 12 months — demonstrates that
Armis Announces New Global Technology Integration Partners to Bolster Organizations’ Cyber Resilience13.5.2025 14:00:00 CEST | Press release
Strategic partnerships enhance and optimize technology stacks for joint customers Armis, the cyber exposure management & security company, today announced that it has added 10 global technology integration partners over the past quarter. These integrations increase the functionality and efficiency of organizations’ existing technology stacks with added benefits from Armis’ platform and solutions. “Relying on siloed security solutions is no longer enough to gain a comprehensive, real-time understanding of an organization’s attack surface,” said Nadir Izrael, CTO and Co-Founder at Armis. “Integrating Armis’ best-in-class platform with other leading vendors’ offerings empowers businesses to consolidate their technology stacks. By driving greater value in their security investments, organizations can ensure their entire attack surface is continuously defended and managed.” New Armis global technology integration partners include AnzenOT, Brinqa, ColorTokens, EasyVista, SaltyCloud, Salvador
Kyriba Unveils Agentic AI TAI to Transform Finance with Security, Compliance & Trust13.5.2025 13:35:00 CEST | Press release
Liquidity Performance Leader to Fill ‘Trust Gap’, Empower CFOs to Outperform Volatility Kyriba, a global leader in liquidity performance, today introduced its agentic AI solution, TAI – a significant advancement in the safe, compliant use of generative AI in finance operations to improve productivity and efficiency amid continued economic uncertainty. Powered by Kyriba's embedded Large Language Model (LLM) and over 20 years of unmatched global liquidity data, TAI simplifies complex workflows, identifies risks with predictive analytics, and enhances data-driven decision-making across treasury, payments, risk management and working capital. Poised to transform finance and treasury operations without relying on third-party LLM integrations, TAI is a key component of Kyriba’s Trusted AI portfolio. This platform-wide approach prioritizes industry-leading data privacy while empowering enterprise leaders to make faster, smarter decisions with human judgement and responsibility at the center.
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom