Google Authenticator is a mobile authentication app.
N/A
Yubico YubiKeys
Score 9.5 out of 10
N/A
Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.
Other options exist for 2FA: IBM, ATT, RSA, Authy, and other hardware and software-based companies provide 2FA services to individuals and organizations. Google Authenticator was chosen for its ease-of-use, reliability, robust security, and accessibility to the entirety of the …
Google Authenticator has very limited features available where Yubico can suffice all the authentication method requirements and can be installed on-premises as well. It can completely replace the Google Authenticator. Yubico has hardware based authentication as well apart from …
Google Authenticator and Microsoft Authenticator are both consumer (and commercial) grade products so they are expected to be easy to use. When you move to a more advanced product such as Yubico, there's a reason why you are not using the "easier" methods. The reasons may …
I've never really used any other physical keys, I mean I've used multifactor authentication from Google Authenticator or Duo, but never another physical key, so this is my first experience with that.
If you compare it to authenticator apps, I'd say it's much more easy to set this up for the individual user. Well, it's Swedish. It's also very well documented. There are a lot of guides on how to use them and I have a lot of faith in the security posture of Yubico and how the …
Yubico YubiKeys are way better than those old RNG tokens where you have to type in the number. The YubiKey enters the number for you and often can be used in other modes that don't require number entry at all. It is modern and convenient. I prefer authenticator apps like Google …
Yubico YubiKeys are a nice addition to a TOTP like GA. Since they are not battery based, they are incredibly reliable and always available, even if you've dropped your phone into the toilet. The only downside relative to TOTP is that some devices may not have the appropriate …
I liked the Kensington Verimark fingerprint scanner initially because it made signing into Windows simple and secured it within the household, but didn't like the additional complexities of setting it up and needing a driver. That would have required the IT support team to …
It is supported by virtually all cloud-based software applications for business. I am happy to allow users to use this in addition to other authenticators. Certainly, if your business is in the Google cloud it makes sense, but my approach to the remote/virtual work world these past couple of years has been structured flexibility. Leaving some choice up to the users for their own comfort, particularly when they are using their own devices. I cannot think of a scenario where it is less appropriate - perhaps where you run the risk of "app sprawl". I.e., where you are requiring users to handle multiple authenticators (which can happen with certain pieces of hardware) you may want to encourage consolidation into one to avoid frustration.
I think, as I said, it's perfectly suited for second-factor authentication where all you have to do is a security team registers the key and you put it in your laptop and then you use it as a second factor. I think that's the best use case governing all access to making it a mandatory second factor so not relying on your cell phone or authenticator app, you just have this hardware thing which is much more secure and you can carry it with you as well when you are traveling.
Remote access. I'm able to sign documents with the certificates that we have placed on our Yubico YubiKeys, so it's nice to be able to sign a document from anywhere, from any computer with my YubiKey instead of having to look for an adapter for my common access card.
I once performed a factory reset of my smartphone which had Google Authenticator. I didn't have a backup for the device. When I restored my phone with the same google account, I was not able to restore the authenticator app settings. I had to add all the keys back into the app to use it. This is cumbersome, but I understand it is set up this way for security reasons.
I don't like the ease with which it lets you delete a key. If I accidentally delete a key, I am doomed to get my 2FA key reset, unless I still have the QR code saved somewhere.
It can be about access control because either right now it's just you have access or you don't have access. I think there can be a use case where you are allowed a particular set of servers and not a particular set of servers. I think maybe it's there or we don't use it, but I haven't seen that. I think I've used Yubico YubiKeys at two companies and I haven't seen that. Maybe that's something that can be added.
As for implementing YubiKey its simple so I don't see us using anything else as we have experienced no issues so fare. Adding these to our environment is still new for us currently but in the transition phase I only see us buying YubiKey. It is highly rated and well known and cost is reasonable so no need to find another solution.
I have not faced any technical challenge personally using this application. It's very lightweight and doesn't require many system resources on your mobile device.
I give slightly better than average rating because of the complexity in using a Yubikey. It is not as easy as native push notifications for 2FA products, however, it provides much better strength. Rating this higher or lower would be a disservice to people reading this review. If you are in the market for a hardware 2FA tool, Yubikey will be a great asset in your toolbox.
We have not experienced any issues with availability which is very important when you are dealing with a company that holds the keys to the gate. We have had more issues with availability from our SaaS providers before with authentication but that was on their end. YubiKey has worked every time for us over the course of the last 6 or so months we began testing phase.
We have not seen any lag in loading pages and getting into systems or sites. In comparison to other 2FA and MFA options it is actually faster most of the time to authenticate due to not having to type in. We require users to have long passwords and when there is an option given for password less they jump on it with excitement. As we explore going password less on their PC's the YubiKey is going to make their lives a lot easier to access the resources they need.
I have found Google’s support to be hit or miss. There are times when they are very responsive, and I get my issue resolved quickly, and there are times where a response from them takes weeks. There is no in-between. But my support experience with this particular product is nonexistent because I have not had a problem with it yet. Hopefully, we do not have any problems with it either.
I figured it all out on my own with the excellent product documentation provided by Yubico. I even managed to produce a backup YubiKey in case I lost my frequently used one. This was crucial when I temporarily lost the original.
We deploy Google Authenticator in residential and non-managed client scenarios. Google Authenticator can perform the basic functions needed for multi-factor authentication but lacks the more advanced features of solutions like Cisco's Secure Access by Duo. Google Authenticator is our go-to solution for anyone ready to increase their security but struggling to find the necessary technology budget.
Yubico YubiKeys has been a leader in the security key market, and I think they have a new product we just read about two days back and they can store up to a hundred private keys now. So I think this is what it distinguishes them from the market, apart from this, whatever features we need personally and for our customers. So they provide all those features, but versus the other brands.
For us I feel like the ease of deployment has made this product very appealing, overall this will make the scalability very easy for us to push out once we roll out to our users and the management tools that we have looked at will make the admins like me happy as it is clear and easy to use. The rollout process looks to be very straight forward from the demos that we have looked at regarding the enterprise tools.
More secure data = less worried about a data breach.
Takes longer to log in, and if I don't have my phone then I have to go looking for it, so it really makes it so that you can't be without your phone, which in certain instances is annoying or not possible and can hold up work time.
Everyone is willing to use the same program because everyone likes Google—makes it easier to manage.
I think it's the flexibility in being able to let users pick the type of authentications that they want to use. Some are comfortable with the touch device on the physical Yubico YubiKeys. Others prefer the mobile app. So it provides flexibility for our users to choose how they want to authenticate without running a file of our security requirements.