SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Yubico launches FIDO Pre-reg, with Okta as first IdP partner
Sun, 8th Oct 2023

Yubico, the provider of hardware authentication security keys, has officially announced the initial availability of FIDO Pre-reg, an industry-first capability that delivers secure and seamless passwordless onboarding and account recovery/reset from day one at scale for enterprises.

Available exclusively as part of YubiEnterprise Subscription, FIDO Pre-reg simplifies the way organisations can adopt modern, phishing-resistant MFA with a frictionless and easy user experience, the company shared in a statement.

With Okta as the inaugural identity provider (IdP) partner, both companies jointly shared the news at Oktane 2023 in San Francisco earlier this week,.

Jeff Wallace, Senior Vice President, Product at Yubico, says, “Organisations have historically been challenged to accelerate user adoption of phishing-resistant MFA and FIDO passkey solutions like YubiKeys at speed and scale."

“Typically, administrators manually register YubiKeys on behalf of each employee before delivering to them in-office or shipping the key to the employee’s location."

"FIDO Pre-reg eliminates these challenges and provides a quick and easy way to adopt phishing-resistance throughout a company on day one with turnkey YubiKey activation - all while reducing IT costs.”

With FIDO Pre-reg, users experience secure, passwordless access to their online accounts in minutes with a phishing-resistant FIDO2/passkey credential by navigating to a web application or IdP login provided by their IT department and entering in a PIN supplied by IT, the company states.

As part of a Limited Early Access period, Okta customers in the US will be able to order pre-registered YubiKeys - enabling IT departments to ensure improved security for their environments while delivering users a fast and efficient way to protect their online accounts.

To participate, Okta customers must purchase keys via Yubico’s YubiEnterprise Subscription program and must have Okta Identity Engine (OIE), Okta Adaptive MFA (AMFA) and Okta Workflows.

David Bradbury, Chief Security Officer, Okta, says, “Phishing-resistant authentication needs to be the new security standard, which is why we need to make it easy to use for both IT and end-users."

“Okta and Yubico can now not only give customers the security and assurance needed to protect their enterprise resources, but also the flexibility and ease to adopt the FIDO Pre-reg solution quickly.”

Key new features and benefits of FIDO Pre-reg includethe following:

  • Accelerated ability to adopt phishing-resistant MFA with a new out-of-the-box FIDO authentication experience for enterprise users starting day one, enabling them to get started on the most secure form of passkey authentication, all while reducing the burden on IT departments and their users.
  • Eliminates manual user registration as users can now receive YubiKeys that are pre-registered with the organisation’s Identity Provider (IdP).
  • Secure, passwordless access to online accounts in minutes. Users can access the YubiKey and enter in the PIN to successfully authenticate with a phishing-resistant FIDO2/passkey credential, without needing a password.
  • Exclusively available through the YubiEnterprise Subscription program, which delivers greater business flexibility and agility with a YubiKeys as a Service model, lowering cost to entry.
  • YubiKey 5 NFC and YubiKey 5C NFC will be the first keys to support FIDO Pre-reg available via YubiEnterprise Subscription as part of a Limited Early Access, and all YubiKeys will be available at General Availability in mid-2024.
  • Account recovery with "always on" phishing resistance. Users can establish new phones/computers as trusted devices when accessing their online accounts with a portable authenticator that works across devices and platforms.