Yubico, a company that sells physical security keys for two-factor authentication, today announced the launch of the new YubiKey 5C NFC, pairing USB-C and NFC support in a single device.
According to Yubico, the YubiKey 5C NFC is the first multi-protocol security key that supports smart cards. With the NFC integration, the YubiKey 5C NFC features tap-and-go authentication that works with all major browsers and operating systems, plus it continues to offer a physical USB-C connector.
Like other devices in the YubiKey lineup, the YubiKey 5C NFC is a hardware-based two-factor authentication dongle that is designed to work with hundreds of services to make logins more secure. It's more convenient than software-based two-factor authentication because you don't need a security code. Just connect it to a USB-C device or tap it on an NFC-compatible iPhone to authenticate.
"The way that people work and go online is vastly different today than it was a few years ago, and especially within the last several months," said Guido Appenzeller, Chief Product Officer, Yubico. "Users are no longer tied to just one device or service, nor do they want to be. That's why the YubiKey 5C NFC is one of our most sought-after security keys -- it's compatible with a majority of modern-day computers and mobile phones and works well across a range of legacy and modern applications. At the end of the day, our customers crave security that 'just works' no matter what."
YubiKey 5C NFC is compatible with common password management apps like 1Password and LastPass, and it also works on the web. It supports multiple authentication protocols such as FIDO2 and WebAuthn, FIDO U2F, PIV (smart card), OATH-HOTP and OATH-TOTP (hash-based and time-based one-time passwords), OpenPGP, YubiOTP, and challenge-response, so a single key can work with multiple services and applications.
Apple today seeded the release candidate version of iOS 18.5 to developers and public beta testers, giving us a look at the final version of the update that will be provided to the public next week.
With the release candidate, Apple provided release notes, so we have a more complete look at the new features that are included in the update, including those that weren't found during the beta...
If you owned a Siri-compatible device and had an accidental Siri activation between September 17, 2014 and December 31, 2024, you could be eligible for a payment from Apple as part of a class action lawsuit settlement.
Apple in January agreed to pay $95 million to settle a class action lawsuit involving Siri spying accusations, and a website to distribute the funds has now been set up and...
In its press release for the new Pride Band today, Apple said that iOS 18.5 is "upcoming," following more than a month of beta testing.
We expect the iOS 18.5 Release Candidate to be released this week, and this should be the final beta version, barring any last-minute bugs or changes. The software update should then be released to the general public next week.
iOS 18.5 is a relatively...
We've still got months to go before the new iPhone 17 models come out, but a combination of dummy models and leaks have given us some insight into what we can expect in terms of camera changes.
Apple is adding new camera features, and changing the design of the camera bump for some models. You might be skeptical of dummy models, but over the years, they've proven to be a highly accurate...
Apple plans to release its first foldable iPhone next year, according to several reporters and analysts who cover the company.
In his Power On newsletter today, Bloomberg's Mark Gurman said the foldable iPhone will offer two key advantages over other foldable smartphones.
First, he said the foldable iPhone will have a "nearly invisible" crease when unfolded. This means the device's...
Tuesday April 29, 2025 1:30 am PDT by Tim Hardwick
Despite being more than two years old, Apple's AirPods Pro 2 still dominate the premium wireless‑earbud space, thanks to a potent mix of top‑tier audio, class‑leading noise cancellation, and Apple's habit of delivering major new features through software updates. With AirPods Pro 3 widely expected to arrive in 2025, prospective buyers now face a familiar dilemma: snap up the proven...
The first iOS 19 beta is just one month away, and there are already many new features and changes that are expected with it.
Apple should seed the first iOS 19 beta to developers immediately following the WWDC 2025 keynote, which is scheduled for Monday, June 9. Following beta testing, the update should be released to the general public in September.
Below, we recap the key iOS 19 rumors...
We used Yubikeys in our org up through last year. They’re $50+ per piece. Our security team doesn’t allow us to deprovision/reprovision them for a 2nd use once they’ve been issued to the first departing employee because they could then contain malware and be compromised- even after following Yubi’s procedures to scrub them.
Needless to say, we don’t use them anymore because if you can’t safely repurpose an IT asset during its service life, it’s a showstopper.
If whatever you're trying to protect isn't worth 50 USD per employee why bother with the yubikeys in the first place? In most organisations I've worked getting a new employee hired, onboarded and trained up is costed in thousands of dollars at a minimum, 50 USD is insignificant compared to that cost, and items under 75 USD aren't tracked on our asset register.
We used Yubikeys in our org up through last year. They’re $50+ per piece. Our security team doesn’t allow us to deprovision/reprovision them for a 2nd use once they’ve been issued to the first departing employee because they could then contain malware and be compromised- even after following Yubi’s procedures to scrub them.
Needless to say, we don’t use them anymore because if you can’t safely repurpose an IT asset during its service life, it’s a showstopper.
Then I have to say as a fellow tinfoil-hat wearer that your security team is really not smart, or really doesn't understand the YubiKey.
It is not possible* for someone to alter the code on a YubiKey once it has been programmed and sealed at the factory.
To me this would be a whistleblower moment for higher-ups. They are throwing away both a massive capital investment, and quite literally (when used properly) the best tool they have against both phishing and lateral movement in their network, because they fail to adequately understand what they are working with and do a proper risk assessment.
Stories like this anger me so much. We need the best security we can possibly get, especially in an age where so many peoples' personal data is being collected and stored. But no, instead of asking the right questions, doing proper research, and doing a proper risk analysis, we're going to use something inferior.
(*as with anything else, yes, I'm sure it's possible somehow, but 1. not by persons of ordinary means and 2. not without physical destruction of the device or other evidence of tampering. Your security team is flushing value down the toilet over the smallest possible chance of compromise.)
I tell people that I use the last 6 digits of pi. With the people I used to hang around with, that usually got a few chuckles, and a puzzled look for whomever I was telling it to. So anyway...
