Yubico CEO: Two-factor authentication should mirror seat belt’s history
To push two-factor authentication into the future, one expert says we need to look back 50 years.
The way to increase adoption of the security practice is to mimic the rise of seat belts in automobiles, says Yubico CEO Stina Ehrensvard. People must evolve in their thinking about sensitive accounts and personal data in the same way that society expanded its awareness of the need for auto safety, Ehrensvard says.
“In the ’50s, there were 10 times less cars, but more fatal accidents,” Ehrensvard said during a panel at SF CyberTalks presented by CyberScoop. “We put out the car without the seat belts, without the crumple zones, without the airbags, and now they are standard features in cars. Because of that work, the car is safer.”
One thing that consumers probably don’t want to mimic: The timespan it took for safety belts to become a fact of life. They were introduced in the 1950s, but were not required by law until 1968.
Monday marked a milestone in Ehrensvard’s quest to make popular internet services as secure as modern automobiles. Her company, which makes authentication hardware, announced that the Yubico Security Key will be supported in Windows 10 devices and Microsoft Azure Active Directory (AD).
This means that organizations will be able to let employees and customers to sign in to Azure AD based applications and services without a password, simply by using Yubico’s physical key.
The partnership with Windows pushes Ehrensvard’s idea that multi-factor authentication should be as easy as possible to use if it’s ever going to become a normal part of internet’s users routines.
“We created this with a vision of single key to unlock any number of services,” she told CyberScoop. “In order to make it happen, we had to work with leading platforms and browsers to enable native support. If it doesn’t work out of the box, its not going to happen.”
She also said that two-factor authentication will rise with the increased adoption of open standards. FIDO2, an open authentication standard, is on track to be supported on over 600 million desktop and mobile devices around the world running Windows 10 Redstone 4 or later.
