Okta announced on Wednesday that it's partnering with Yubico, a provider of authentication and encryption hardware devices, to add another layer to its multi-factor authentication (MFA) security lineup. Through a new partnership, Okta will offer free Okta-branded YubiKey Starter Packs to every Okta customer organization using Okta MFA and Okta Adaptive MFA.
From a security point of view, a large number of threats today are ones targeting users, not organizations, and specifically end-user passwords. Despite repeated warnings, many people still use poor, easy-to-guess passwords. Paired together with social engineering -- where threat actors get a user to volunteer their username and password -- end-users have quickly become the weak link in a company's cyber defense strategy.
Also: 7 tips for SMBs to improve data security TechRepublic
To that end, Okta said the use of physical security keys offers a way for organizations to thwart cyber criminals from stealing sensitive information from high value targets due to compromised credentials. When you use multi-factor authentication, you're requiring an additional factor beyond user name and password. In this case, the YubiKeys are the second factor with Okta MFA.
Starting today, Okta will give away two YubiKeys to every Okta customer, existing and future. If businesses want to implement more keys beyond the two, there's a referral agreement between Okta and Yubico to expedite the process.
Also: Best Home Security Devices for 2018 CNET
"Okta has always been about best of breed approaches," said Joe Diamond, senior director of cybersecurity products at Okta. "Hardware keys are a good example of that. We also integrate with RSA and legacy MFA hardware tokens. There are still a lot of large organizations that have legacy hardware deployments and we want to give them the ability to still use that."
Previous and related coverage:
If you trust Google, this is the second-factor security key for you.
The acquisition helps Okta further its vision for contextual access management.
Okta plans to turn single sign-on into an identity platform.