SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Yubico bolsters security with YubiKey 5.7 firmware update

Tue, 7th May 2024

Yubico has announced significant updates to its YubiKey 5.7 firmware. The updates include increased passkey storage and expanded security, designed to further empower organisations to adopt passwordless-first, modern authentication strategies, thereby ensuring their customers and employees are phishing-resistant.

The new firmware, which focuses on enterprise requirements, demonstrates Yubico's commitment to providing simple, scalable, and secure authentication solutions. The enhanced features, such as improved PIN complexity, enterprise attestation, and expanded passkey credentials storage, will be available to purchase in late May 2024.

Jeff Wallace, senior vice president of product at Yubico, said, "Organisations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fuelled by compromised employee login credentials...We're excited to continue offering best-in-class solutions that protect organisations and accelerate their transition to passwordless with the latest enterprise-focused updates to the YubiKey. We're confident that organisations are now better equipped than ever to enforce compliance requirements and elevate their security posture throughout their organisation."

The updated features will allow organisations to streamline processes such as asset tracking and account recovery while also enhancing flexibility. For example, the expanded passkey and passwordless storage will provide ample storage space to meet authentication needs while maintaining robust security standards.

Alongside these updates, Yubico also announced the availability of their Yubico Authenticator 7, which will support the upcoming YubiKey 5.7 features. Through features like localisation in French and Japanese and availability on all major desktop platforms and Android, the Yubico Authenticator 7 provides strong security by enabling users to store credentials on a YubiKey instead of a mobile phone, significantly reducing risks posed by remote attackers targeting software-based authenticator apps.

The upcoming capabilities in the new 5.7 YubiKeys also align with recent U.S. Government memo requirements on adopting phishing-resistant MFA and offer advanced key management functions. Enforcing the blocking of simple patterns and common PINs at the hardware level further supports compliance with upcoming NIST requirements and corporate mandates.

The release of YubiKey 5.7 firmware and the Yubico Authenticator 7 aims to assist organisations in strengthening their cyber security measures by focusing on passwordless, modern authentication strategies. With more complex PINs, greater security, and ample storage space, these updates lay the foundation for a more secure digital environment.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X