issuhub.com

Macworld - USA (2019-10-B)

(Antfer) #1

72 MACWORLD OCTOBER 2019


iOSCENTRAL REVIEW: YUBICO YUBIKEY 5CI

plain text codes that can be intercepted or
generated, WebAuthn uses public key
cryptography and creates a unique
encryption key for each site.
WebAuthn starts with enrollment. You
visit a site or use an app that
supports the standard, prove
your identity, and then plug in
your WebAuthn-equipped key
like the YubiKey 5Ci, and tap it.
Your hardware device generates
a unique private-public keypair
for the site, and retains the
private key in its tamper-resistant
hardware. It sends the public key
to the site, which stores it along
with the account.
On subsequent visits, when
logging in with any scenario in
which a second factor would be
required—such as a new
browser, a geographically distant


mmmmh

Yubico YubiKey 5Ci

PROS


  • Cryptographic security for
    second-factor login.

  • Supports industry-standard
    WebAuthn for web logins.

  • Backward-compatible with
    older FIDO and similar
    authentication protocols.
    CONS

  • Apple doesn’t yet directly
    support WebAuthn in iOS
    and upcoming iPadOS.

  • Websites still shaking out
    support for Safari Preview
    in macOS, Brave browser in
    iOS.
    PRICE
    $70
    COMPANY
    Yubico


location, or after 30 days,

depending on the site—you

enter a username and password

as before, but then insert and tap

your YubiKey to authenticate.

Because the encrypted

message is generated within the

key and the site already has the

public key associated with you

stored, it dramatically limits the

opportunity for someone to

intercept a message and

prevents generating one that would fool a

site. It also bars sending the message to

any site that doesn’t match the original

URL and doesn’t have the public key with

which you enrolled, deterring phishing

from hijacked websites.

BOTTOM LINE

The YubiKey 5Ci is ready to go,

but all the pieces aren’t aligned

to show it off to its best

advantage. At $70, it may seem

a steep price without websites,

apps, and Apple all having their

act together in iOS, and with a

few rough edges in macOS.

However, as WebAuthn is a

broadly supported industry

initiative that’s well underway

and gaining steam, the 5Ci is the

right portable authenticator for a

future-proofed purchase. ■
Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2024. All rights reserved.