Hi [[ session.user.profile.firstName ]]

FIDO2 Authentication Demystified

Watch this webinar to learn what FIDO2 Authentication is, and how to architect FIDO2 Authentication within applications. This session is led by Derek Hanson, Yubico Senior Director of Solutions Architecture and Standards.

Key topics include:
- What is FIDO2
- Passwordless Login Demystified
- Making sense of FIDO2, WebAuthn, CTAP and U2F

This webinar is intended for Product managers and developers, though it is open to anyone interested.
Recorded Jun 13 2018 25 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Derek Hanson, Luke Walker
Presentation preview: FIDO2 Authentication Demystified

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Leverage Microsoft Azure AD and YubiKeys for MFA in the Enterprise Nov 19 2019 5:00 pm UTC 60 mins
    Derek Hanson, VP Solution Architecture, Yubico / Libby Brown, Sr. Program Manager, Cloud Authentication, Microsoft
    For many enterprise organizations, one of the challenging components to going passwordless is an environment that includes on-premise and cloud applications. Innovations from both Microsoft and Yubico support the flow of secure authentication using different identity and access management methods. During this webinar, we will go deeper into use cases involving the passwordless setup for mixed environments through the new features supported in Microsoft Azure AD utilizing YubiKeys.

    Attend this technical webinar to learn about:

    * Azure AD architecture for passwordless and hybrid support
    * The journey towards passwordless for enterprise organizations
    * Enabling YubiKeys for passwordless authentication
  • New Strategies to Protect Healthcare Employees from Breaches, Scams & User Error Recorded: Sep 20 2019 56 mins
    Andy Nieto, Global Healthcare Solutions Manager, Lenovo / Allison Heeter, NA Brand Ambassador, Lenovo / Abby Guha, Sr. Direct
    In a recent Lenovo Health webinar, fifty percent of the participants confirmed that employee neglect represents their biggest security threat--and with good reason. It has been found that healthcare employees click on 1 out of every 7 phishing email scams, and nearly a quarter of healthcare employees write their user names and passwords near their computers.

    Fortunately, a multitude of security tools are available now to simplify security and protect employees from costly missteps. In this session, a panel of security experts will share their insights on the most effective employee security strategies, including:

    * How to identify your organization's greatest risks
    * The latest hardware and software solutions for data and identity protection
    * Best practices for ongoing employee education
  • Enabling Passwordless Authentication with a Secure Root of Trust Recorded: Sep 19 2019 43 mins
    Abby Guha, Senior Director Product Marketing, Yubico
    Even though many organizations have implemented multi-factor authentication (MFA) through mobile push, or One Time Passwords (OTP) via SMS and mobile apps, these authentication techniques have been shown to be very vulnerable to account takeovers.

    As most users have multiple devices they use on a day-to-day basis to log into websites, services and applications, how do you enable fast, easy, and secure authentication to every device? New standards such as FIDO2 and WebAuthn now make this possible, and easy to implement.

    Attend this session to learn:

    * What is a root of trust
    * Why a secure root of trust is important
    * How a WebAuthn powered root of trust works
    * The key benefits of passwordless login for your employees, partners, and customers
    * Portable root of trust use cases
  • Paving the Way to a Passwordless Future Recorded: Aug 21 2019 64 mins
    Abby Guha, Senior Director, Product Marketing, Yubico; Jim Manico, Founder, Manicode Security
    It is increasingly apparent that authenticating only with username and password is no longer sufficient as stolen passwords are responsible for 81% of data breaches. And even though many organizations have implemented multi-factor authentication (MFA) through mobile push, or One Time Passwords (OTP) via SMS and mobile apps, these authentication techniques have been shown to be vulnerable to account takeovers.

    Attend this webinar to learn:

    * How WebAuthn, the new web authentication standard, is paving the way for a highly secure passwordless future
    * The key benefits of passwordless login for your employees, partners, and customers
    * Best practices for enterprise authentication
  • Go Passwordless with Yubico and Microsoft: WebAuthn, FIDO2 and Azure AD Recorded: Jul 30 2019 53 mins
    Hormazd Romer, VP Product Marketing, Yubico and Jon Wojan,Partner Technical Architect, Microsoft
    Secure passwordless authentication is coming to a computer near you! WebAuthn, a new standard published by the W3C, along with the FIDO2 spec now make this promise a reality. Microsoft’s upcoming support for Windows 10 passwordless login via Azure Active Directory means soon hundreds of millions of users will be able to experience the convenience of passwordless login at a higher level of security than the traditional combination of password and multi-factor authentication (MFA).

    Experts from Yubico and Microsoft will provide an overview of the journey to passwordless, its key benefits, and why it is more secure than typical MFA.

    Attend this webinar to learn:

    * The roadmap to passwordless
    * Use cases and advantages of the WebAuthn and FIDO2 standards
    * How passwordless will work with Windows 10 and Azure AD
    * How to get started with passwordless authentication
  • Improving Enterprise Authentication: Taming the Password Beast Recorded: Jul 26 2019 62 mins
    John Pironti, President, IP Architects / Jerrod Chong, Chief Solutions Officer, Yubico
    Many enterprises have implemented some basic methods for managing user authentication to sensitive data, and some have even mastered the “single sign-on” problem for data access. But today’s IT environment increasingly involves a wide range of user devices and locations, including mobile equipment, cloud services, and even Internet of Things devices. In this Dark Reading webinar, top experts will discuss emerging methods for solving the authentication problem, and for building authentication strategies that go beyond the enterprise premises.

    Attend this webinar and you'll learn:

    * what essential questions you must ask yourself and your service providers, before designing an authentication strategy for your business

    * why the FIDO2 / WebAuthn standard shifts authentication paradigms and might support your identity and access management strategy

    * how to support better security and lower friction for both internal and external users

    * what to consider now if you want your authentication strategy to stand the test of time (and whether passwords should be part of the long-term plan)
  • Okta + Yubico: The Path to Passwordless Recorded: Jul 17 2019 46 mins
    Derek Hanson, VP Solutions Architecture and Alliances, Yubico and Swaroop Sham, Product Marketing, Okta
    Using WebAuthn to deliver secure and seamless authentication

    The current use of username and password authentication creates heavy support load due to helpdesk calls, resulting in lost productivity and high IT costs. While two-factor and multi-factor authentication have been demonstrated to be effective in protecting users from account takeover, the lack of global web standards has hampered widespread adoption to date.

    Web Authentication, or WebAuthn, is a new global standard introduced by the World Wide Web Consortium (W3C) and FIDO Alliance for secure authentication to web applications. WebAuthn defines a standard API that enables web applications to easily invoke strong authentication without a password via built-in support to all leading browsers and web platforms.

    With WebAuthn, users and organizations now have more flexibility and can leverage strong authentication using a combination of an external authenticator, such as a security key, and an internal platform authenticator, such as a biometric touchpad or camera on a laptop to access their web service.

    In this webinar, the speakers will cover:

    * Shortcomings of current authentication methods
    * WebAuthn background and its benefits
    * How to achieve strong, user-friendly authentication and move towards passwordless logins
  • Authentication: It's All About the User Experience Recorded: Jun 13 2019 59 mins
    Matt Bromiley,SANS Instructor & Incident Responder and Hormazd Romer, VP of Product Marketing, Yubico
    Authentication: It's All About the User Experience

    Authentication, including passwords, remains a weak link for enterprise security, despite many attempts to improve or strengthen it. Because people must authenticate themselves, effective authentication depends heavily on users, whose experience and willingness to comply often compromise security. This SANS webcast and associated new paper looks at the current state of authentication and ways to deploy a better process.

    SANS senior instructor Matt Bromiley, with insights from Yubico’s Hormazd Romer will talk about the challenges with passwords, existing authentication technologies and recent developments to improve authentication. The role of industry standards, including WebAuthn, will be addressed, along with specific recommendations to implement strong authentication. that protect the organization and provide a better experience for your users.
  • The Future of Authentication: How Two Factor Authentication is Dying Recorded: Jun 2 2019 59 mins
    Dr. Johannes Ullrich, SANS
    We all know that passwords do not work. For many years, ubiquitous phishing attacks, brute forcing, and credential stuffing using reused passwords has shown that organizations should not rely on passwords to authenticate users. This has pushed many organizations to race to implement two factor authentication.

    Two factor authentication has become a lot cheaper and simpler to implement in recent years, but the bad guys didn't rest on their data stashes either, and implemented some effective means to attack sites protected by two factor authentication. In addition, more and more users are using mobile devices as primary means to access web applications. Mobile web applications are often difficult to use with complex passwords and two factor authentication.

    Luckily, standard organizations have been working on this problem, and we now have some emerging standards that are being deployed in popular browsers. In this webcast, you will earn how these new standards like WebAuthn work, how to implement them, and what attacks they protect from.
  • Enabling GRC with Secure Authentication Across the Digital Ecosystem Recorded: May 30 2019 77 mins
    IT GRC Forum
    The days of securing a well-defined perimeter around your organization are gone. The cloud, mobile technologies, the internet of things (IoT) and diverse user groups freely exchange data across digital ecosystems, network and economies. This fluidity, however, means that organizations must secure access at multiple points throughout the organization, or risk letting in intruders seeking to hijack data.

    To manage the increasingly diverse digital landscape, IT and security managers need to move beyond usernames and passwords, and expand their use of multi-factor authentication (MFA) to help provide secure and convenient access to the critical data and systems users need. On this webinar our panel of experts will address how secure authentication can help enable GRC across the digital ecosystem, and they will share tips on:

    • Securing access at all points across applications, devices, users and environments.
    • Sharing insights across security systems to strengthen security.
    • Collecting and analyzing information to stop attacks.
    • How MFA can transform secure access—to any application, from any device, anywhere, at any time.
    • Strengthening identity assurance with privileged users.

    Moderator: Colin Whittaker, founder of Informed Risk Decisions

    Panelists: Jerrod Chong, SVP of Product at Yubico; Richard Bird, Chief Customer Information Officer at Ping Identity; Teju Shyamsundar, Senior Product Marketing Manager at Okta; and Andy Smith, Vice President of Product Marketing at Centrify.
  • Securing PKI with PrimeKey EJBCA and the YubiHSM 2 by Yubico Recorded: May 6 2019 35 mins
    Chris Job - PrimeKey, Professional Services Team Leader / Sebastian Elfors - Yubico, Solutions Architect
    Hardware security modules are table stakes when it comes to maintaining customer trust to protect against data theft and compromise. The world’s smallest hardware security module from Yubico, the YubiHSM 2, is now compatible with EJBCA for a range of public key infrastructure (PKI) use cases. PrimeKey and Yubico offer open source software and tools for implementing PKI based on PrimeKey’s EJBCA and the YubiHSM 2.

    Join Yubico Solutions Architect Sebastian Elfors,and PrimeKey Professional Services Team Leader Chris Job, for a technical webinar on how to secure your most critical data with PrimeKey EJBCA and the YubiHSM 2.

    This session will include:

    * An introduction to securing PKI with a hardware security module
    * Primary setup of the YubiHSM 2
    * Deploying YubiHSM 2 with PrimeKey’s EJBCA
    * Configuring the YubiHSM PKCS #11 library
    * Configuring EJBCA for use with YubiHSM 2
    * Adding and activating YubiHSM 2 Crypto Token in EJBCA AdminWeb
    * And more

    It is highly recommended that attendees read the EJBCA with YubiHSM 2 Usage Guide prior to attending this session in order to get a good baseline understanding.

    The usage guide is available here: https://developers.yubico.com/YubiHSM2/Usage_Guides/EJBCA_with_YubiHSM2.html
  • Enabling Digital Transformation: Best Practices for Authentication Recorded: Mar 13 2019 45 mins
    Abby Guha, Sr. Director, Product Marketing, Yubico
    The digital transformation of financial services is placing new demands on organizations looking to balance ease-of-use with security and stringent compliance regulations. How should financial services organizations provide secure access to customer information, account details, and other sensitive information without all the complexity?

    Most systems and applications require passwords and some may even have text based mobile authentication, but is that enough? How can organizations take advantage of new models for user authentication that offer opportunities to deliver ease of use while adhering to stringent security requirements.

    Attend this webinar to learn:

    - Risky password practices being used in workplaces
    - Best practices for enterprise authentication
    - How to mitigate risk with multi-factor authentication
    - Use cases for providing strong authentication to your employees and customers
  • 2019 State of Password and Authentication Security Behaviors Recorded: Feb 20 2019 59 mins
    Dr. Larry Ponemon, Ph.D., Chairman and Founder, Ponemon Institute and Abby Guha, Sr. Director Product Marketing, Yubico
    Despite the worsening state of online security, are we becoming more security-minded, and better yet, are we following best practices?

    The Ponemon Institute recently surveyed 1,761 IT and IT security practitioners in the United States, United Kingdom, Germany and France regarding password management and authentication practices for individuals both in the workplace and at home.

    What percentage of phishing attack victims changed their password behaviors?
    How many respondents admit to reusing passwords?

    The answers to these questions may surprise you.

    Attend this webinar to hear about the survey results and learn:

    * How privacy and security concerns affect password behaviors
    * Risky password practices in the workplace
    * What authentication technologies are being used
    * The cost of lost productivity associated with password management
    * Best practices for enterprise authentication
  • World's Smallest HSM Secures Modern Infrastructures: YubiHSM 2 Open Source SDK Recorded: Dec 5 2018 35 mins
    Abby Guha, Senior Director Product Marketing (Yubico)
    Security breaches are a growing industry wide problem that in 2018 cost companies an average of $3.8 million per breach. Software storage of cryptographic keys for servers is increasingly vulnerable as attacks become more sophisticated.

    Traditionally, organizations have used Hardware Security Modules (HSMs) that were costly and complex to set up. However, with the YubiHSM 2, organizations of all sizes can enable effective security for cryptographic keys, across the entire lifecycle, in a portable and affordable hardware form factor. And with the new open source SDK, developers can build in hardware based strong security for cryptographic keys across a wider range of platforms and services than ever before.

    Attend this webinar to learn more.
  • The State of Identity and Security in the Age of Cyber Attacks Recorded: Nov 13 2018 48 mins
    Sushila Nair (NTT DATA Services) | Derek Hanson (Yubico) | Ian Spanswick & Rebekah Moody(ThreatMetrix Inc LexisNexis Risk Co)
    Cyber attackers are becoming more sophisticated and data breaches are on the rise. According to a recent report, over 4.6 billion records were breached in the first half of 2018, showing a 133% increase compared to last year.

    With sensitive, personal and confidential data being at risk of ending up in the hands of cyber criminals, enterprises of all sizes are looking to strengthen their security in 2019.

    Join this exclusive keynote panel of industry experts as they discuss:
    - Trends in cyber attacks and breaches
    - Who is at risk
    - How to prevent breaches, data theft and future cyber crime
    - Advances in authentication
    - New in identity and access management
    - Security awareness and training
    - Best practices for securing the enterprise

    - Sushila Nair, Sr. Director Security Portfolio, NTT DATA Services
    - Derek Hanson, Sr. Director Solutions Architecture & Standards, Yubico
    -Rebekah Moody, Fraud & Identity Director, ThreatMetrix
    -Ian Spanswick, VP Professional Services EMEA,ThreatMetrix
  • Who Is A Privileged User, Really? You May Be Surprised by the Answer Recorded: Oct 24 2018 38 mins
    David Treece, Sr. Solutions Architect, Yubico, Bassam Al-Khalidi, Co-CEO and Principal Consultant, Axiad IDS
    Allowing employees to use their own devices, and consequently moving enterprise assets to the cloud, can certainly improve productivity, but also puts the organization at risk for additional security threats. According to Gartner, more than 50% of organizations are unable to extend incumbent authentication methods to safely enable access for an increasingly mobile workforce.

    The way forward? Start by understanding that the IT Team is not your only high security risk. Organizations need ID assurance for every person and every system that puts the enterprise at risk. Until now, achieving this was too complex.

    Enterprises can now cost-effectively and easily extend their current authentication solutions. This all starts with accurately establishing the appropriate privilege level by identifying and defining who or what is actually “privileged”, based on access to sensitive information or privileged data. In this webinar, Yubico and Axiad IDS will discuss:

    - Why identifying privileged users is at the root of data breach prevention and what it takes to extend strong authentication across the enterprise
    - How enterprises can securely and efficiently manage the lifecycle of their devices and credentials, while saving on deployment and IT operational costs
    - The key benefits of enabling hardware-backed two-factor authentication to address the demands of an expanding digital workplace
  • Meet the YubiKey 5 Series Recorded: Oct 2 2018 21 mins
    Alex Yakubov, Sr. Director Ecosystem
    Join us for a session on the new YubiKey 5 Series and learn about the new features and benefits of our latest product line. We'll cover the difference between the YubiKey 5 Series with the YubiKey 4 Series and YubiKey NEO, as well as introduce the use cases and concepts of going passwordless.
  • Making sense of Blockchain and Authentication Recorded: Sep 19 2018 46 mins
    Ali Yahya, Partner, A116Z, Stina Ehrensvard - CEO/Founder, Alex Yakubov, Sr. Director of Ecosystem, at Yubico
    You solve security challenges in the realm of authentication and identity—and now the new buzz word “blockchain” is popping up everywhere. Join Yubico founder Stina Ehrensvard and a16zcrypto Partner Ali Yahya for a session on blockchain and authentication technologies. We’ll help you make sense of these technologies, and how they fit together in the security and identity management landscape.
  • Technical Overview: FIDO2 WebAuthn Server Validation Recorded: Jun 28 2018 75 mins
    Emil Lundberg, Luke Walker
    Watch this webinar for a technical overview of WebAuthn for Relying Parties. This session is led by Emil Lundberg, a key contributor and one of the nine editors of the W3C WebAuthn specification.

    Join us for a deep dive of how to integrate WebAuthn relying party operations into an authentication server.

    Key topics include:
    - FIDO Authentication, CTAP, and WebAuthn
    - Getting started with java-webauthn-server
    - Application structure
    - Data storage
    - Registering credentials
    - Authenticating credentials
    - Best Practices

    This webinar is intended for software engineers, developers, software architects, and product managers, though it is open to anyone interested on the topic.
  • Technical Overview: FIDO2 WebAuthn Data Flows, Attestation, and Passwordless Recorded: Jun 21 2018 32 mins
    Emil Lundberg, Luke Walker
    Watch this webinar for a technical overview of WebAuthn for web applications. This session is led by Emil Lundberg, a key contributor and one of the nine editors of the W3C WebAuthn specification.

    Join us for a deep dive into the core concepts required to integrate WebAuthn into your web application, including what happens behind the scenes during registration and authentication.

    Key topics include:
    - FIDO Authentication, CTAP, and WebAuthn
    - Registration Walkthrough
    - What is Attestation?
    - Resident Keys
    - Second-Factor Authentication
    - Password-less Authentication

    This webinar is intended for software engineers, developers, software architects, and product managers, though it is open to anyone interested on the topic.
Your Key to a Safer Internet
Yubico was founded in 2007 with the mission to make secure login easy and available for everyone. In close collaboration with leading internet companies and thought leaders, Yubico co-created the FIDO U2F and FIDO2/WebAuthn open authentication standards, which have been adopted in major online platforms and browsers, enabling two-factor, multi-factor, and passwordless login and a safer internet for billions of people.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: FIDO2 Authentication Demystified
  • Live at: Jun 13 2018 6:00 pm
  • Presented by: Derek Hanson, Luke Walker
  • From:
Your email has been sent.
or close