YubiKey NEO's physical NFC key can now unlock apps on iPhone 7 & later

AppleInsiderAppleInsider
Posted:
in iPhone
Taking advantage of the more open NFC access on iPhones made possible with iOS 11, Yubico has announced that its physical YubiKey NEO authentication key can now be used to unlock compatible iOS apps.

yubikey-iphone-nfc


Developers must implement support by way of the YubiKit 1.0.0 iOS SDK, Yubico said. At the moment the only compatible app is the password management title LastPass, which supports two-factor authentication by tapping a registered NEO on the back of an iPhone.

Only the iPhone 7, 8, and X can take advantage of the technology, despite the presence of NFC chips in some earlier iPhone models. Use with LastPass is further limited to people with that app's Premium, Families, Teams, or Enterprise subscriptions.

Hardware keys are potentially more secure than other forms of authentication, rendering most or all online attacks useless. They can also be convenient for people who would rather not type in a password or passcode.

Relatively few companies have taken advantage of iOS 11's wider NFC permissions, known as Core NFC. One of the first was Abbott, which markets a compatible glucose reader, the FreeStyle Libre.

Comments

  • Reply 1 of 7
    SoundJudgmentSoundJudgment Posts: 187member
    This physical-keypass is going to grow in usage for the next few years.
    gatorguymacgui
  • Reply 2 of 7
    HeliBumHeliBum Posts: 129member
    Great. We're back to dongles again. (Yes, I was being sarcastic, but it's an honest sentiment.)
    edited May 2018 mac_dogwatto_cobra
  • Reply 3 of 7
    gatorguygatorguy Posts: 24,211member
    SoundJudgment said:
    This physical-keypass is going to grow in usage for the next few years.
    I agree. Darn solid security, I use one myself.
    mac_dog
  • Reply 4 of 7
    roakeroake Posts: 811member
    gatorguy said:
    SoundJudgment said:
    This physical-keypass is going to grow in usage for the next few years.
    I agree. Darn solid security, I use one myself.
    The FBI will start demanding to hold the Master Dongle...
    mac_dogwatto_cobra
  • Reply 5 of 7
    GG1GG1 Posts: 483member
    I used to carry a physical RSA dongle for work 10+ years ago. It was replaced by an app on my iPhone.

    But this device is really slick. Make it smaller to embed in jewelry or thinner to put in your wallet. Or embed inside your body.
  • Reply 6 of 7
    macguimacgui Posts: 2,357member
    As we are starting to move towards keyless locks for homes, we move towards 'keys' for our iOS apps.

    I like the idea, similar to the hardware encryption keys for some external hard drives. I'd also like to see the Apple Watch designed to be a second authentication device for apps on your iPhone. It can unlock Macs.
  • Reply 7 of 7
    zimmiezimmie Posts: 651member
    LastPass' implementation of YubiKey authentication seems kind of iffy. Based on their description, the token isn't involved in the encryption or decryption of the data. This suggests to me they could make a change to the service to just accept any token (bypassing it for themselves).

    I wonder if AgileBits is looking into this. I would like to see a comparison of implementations.
    likethesky
Sign In or Register to comment.