New Authenticator in Town

There's a new authenticator in town and it's called Yubico Authenticator. Check out the video and read more about it at the previous link. It's an alternative to the Google or Microsoft Authenticators or any of the other authenticator apps out there.

So what makes this new authenticator different? It requires a YubiKey to work. YubiKey's are the hardware security token from Yubico that are widely used for hardware secured multi-factor authentication solutions.

With most authenticator apps, you simply install the app on your mobile device and when you need a two-factor authentication code, you bring up the app, generate the code and type it in where required. Everyone agrees that two-factor authentication is currently one of the best defenses we have against hackers stealing access to our online accounts. Some feel that authenticators need more security, beyond the mechanism by which they generate the two-factor codes on a mobile device.

This is where the Yubico Authenticator stands out. You can install the authenticator on your mobile device and your computer. However, in order to generate your two-factor authentication codes, you have to use your YubiKey. On the computer, the YubiKey must be inserted into the USB port to generate the code. On your mobile device, you must scan your YubiKey using NFC (Near Field Communication) meaning you tap the YubiKey against your mobile device to generate the code.

In the case of the YubiKey Authenticator, the codes are securely stored on the physical YubiKey, which is paired to your mobile device and computer. This means that the bad actors would need to gain access to your mobile device or computer and have your unique YubiKey in order to generate a two-factor code. This seems to be the most secure authenticator currently available.

I've been testing it for a while now and I like it. You have to be sure that you have your YubiKey with you in order to use it, so that could become an inconvenience for some, so consider that if you think you may want to move in that direction. The inconvenience is worth the added layer of security in most cases. What do you think? Comment on this post and lets discuss.