With reports of phone SIM hackers highjacking people's phone numbers and accessing banking and other accounts by intercepting two factor authentication numbers via SMS messages, it's high time to stop trusting SMS as a second factor of authentication.
While there are online services out there such as the Google Authenticator app, Symantec's VIP app and others, there are also hardware keys that not only authenticate you, but also authenticate the site you're connecting to, so you know that not only is your password accepted, but the site you're connecting to is legit as well.
Yubico's Yubikeys have been a very popular way for companies, organisations, educational institutions, government departments and individuals to better protect their accounts, and now this protection has come to iOS devices with a Lightning port, with some app and one browser support to start with, and plenty more to come.
Macworld has a great review of the key, with pros and cons. Personally, I was able to set up my Gmail account on my Mac via the Chrome browser without issue - Safari is meant to be compatible in macOS 10.15 Catalina that's due to launch this sometime this week, if the rumours are true.
I cleared Chrome's cache and history, logged into my Gmail account and was asked to insert the key into the USB-C port. Once I did, I had to touch the 5ci's golden contacts, and upon doing so, the key was recognised and I was logged into my Gmail account.
Macworld also notes that iPad Pros with USB-C ports aren't supported yet by this key, but with the key being fully standards-based, it's only a matter of time before Apple gets with the program and supports this key in full.
The Brave browser for iOS also supports the 5ci in various log-in scenarios (as described below), while a range password managers and more as you can see here, including 1Password, Dashlane, Lastpass, Okta and others, are supported for iOS with the Lightning side of the Yubikey.
I tested this with the 1Password app on my iPhone 11 Pro Max, and it worked! I first needed to set up two factor authentication on my account in the browser - in this case Safari 13.0.1 on my Mac running macOS 10.14.6 Mojave (so not Catalina yet) and it worked - my key was added.
Then when I opened 1Password on my iPhone, it needed my Yubikey 5ci to be plugged in before it would continue, and as noted, it worked like a charm.
So, what did Yubico have to say about the Yubikey 5ci in Australia, when its Regional Manager for Australia and NZ, Tim Murphy, launched the 5ci in Australia?
Well, the launch video can be seen in full below, but it comes just before Australia's "Stay Smart Online Week", which runs from 7 to 13 October, 2019, and so this is a very timely reminder for us all to improve our security.
Tim Murphy, Yubico’s Regional Manager for Australia and New Zealand, said in an increasingly mobile-first world, where users alternate between desktop machines and devices, the YubiKey 5Ci serves an important portable root of trust.
“The YubiKey 5Ci fills a critical gap in the global and domestic mobile authentication ecosystems,” said Tim. “We’re excited to be able to deliver the world’s first iOS-friendly security key on the market which offers strong, yet simple authentication over a Lightning connection, while still delivering a unified experience across other mobile, desktop or laptop devices.”
“With online attacks and cyber crimes on the rise, Yubico is leading the way in helping making it safer but easy to prove that users are who they say they are, no matter what device they are on. We’re one step closer to creating a future without passwords.”
Here's the video of the launch, more info on the apps and authentication protocols that Yubikey 5Ci works with is below, please read on!
As Yubico explains, the YubiKey 5Ci "can be used to secure the 1Password, Bitwarden, Dashlane, Idaptive, Keeper Security, LastPass, and Okta iOS mobile applications along with additional services accessed through the Brave iOS browser app.
"Supported logins on the Brave browser include Bitbucket.org, GitHub.com, Login.gov, Twitter.com, and 1Password.com. Monkton Rebar and XTN also support the YubiKey 5Ci in their latest software development kits.
To support a growing ecosystem, Yubico says it "continues to work with industry leading iOS applications and browser supported services through the Yubico Developer Program. Partners with anticipated YubiKey 5Ci app support include: Dropbox, SecMaker, and more".
Info on the Yubico Partner Program for Mobile is here.
As Yubico notes, "Authentication with the YubiKey 5Ci is also available over a USB-C connection, which is compatible with nearly every USB-C equipped laptop or mobile device, working with hundreds of applications and services currently listed in the Works with YubiKey catalog. Some capabilities are not currently supported on iPad Pro models with USB-C ports.
"As the latest addition to the multi-protocol YubiKey 5 Series product line, the YubiKey 5Ci is equipped with FIDO2/WebAuthn, FIDO U2F, OTP (one-time password), PIV (Smart Card), and OpenPGP. With support for multiple authentication protocols, the YubiKey 5Ci delivers strong multi-factor (MFA), second-factor (2FA), and single-factor passwordless authentication for a simple and seamless user experience across the entire computing ecosystem. It is currently available for purchase via the Yubico website, at a retail price of $70 USD.
"Application developers interested in adding support for the YubiKey 5Ci into their iOS mobile apps, can access the Yubico Mobile SDK for iOS — along with other helpful resources such as implementation guides, webinars, or reference code here.
"Additionally, Yubico announced a sneak preview of the YubiKey 5C NFC, the upcoming USB-C security key enabled with NFC. This key will provide yet another authentication option for all environments supporting iOS, Android, Windows, MacOS, and more, all on one key. Arriving this coming Summer, this new device will deliver the same multi-protocol functionality and user experience of the YubiKey 5 Series, with updates on product availability able to be signed up for here.
"More info about Yubico and the range of YubiKeys is here."
Here's another video from Yubico showing the 5Ci in action: