Dugdale Digital Solutions

Yubikeys: Product Features in Summary       

Dugdale Digital Solutions for Yubikey (DDS-Y) provides a vital range of products and services to help customers meet their obligations with respect to the security of their systems and all their data.  Our products not only often fulfil a legal requirement, they also provide complete peace of mind.

Here are the key features of our flagship Yubikey product DDS-Y:

• A two factor authentication (2FA) system compatible with Government Security and Identity Management standards;
• Support for managed cloud service options as well as a private cloud option;
• Support of open standards (OATH) to give flexible choice of token types that can be mixed and matched in the same implementation, saving time, money and complexity;
• Choice of two factor authentication tokens which includes Yubikey standard, NEO and Nano.
• Our product is also:
• OATH Compliant
• Supports Open Source Server Backends
• Uses Non Proprietary Private Seed Initialisation
• In addition, the product is compact, durable, does not require any batteries, does not require device driver installation on end machines, and comes supplied with a list of private key ids for each key

  
  

The Yubikey is a USB device which has two slots for credentials. The Yubikey personalisation tools enable credentials to be amended in either slot, including an option to configure tokens with Yubikey one time password, OATH, challenge response and static passwords.  Easy to use and completely secure.

 

         

Yubikey from Dugdale Digital Solutions: Specification

The YubiKey is a one-time password device for secure login with two-factor authentication. All YubiKeys can be configured.

                                       

The YubiKey is the first authentication product to support the FIDO Universal 2nd Factor standard.

Core features

• Works instantly, no need to re-type pass codes from another device
• Works on Windows, Mac, Linux, iPad, Firefox, Chrome, and all other operating systems
• Identified as a USB-keyboard: no client software or drivers needed
• Minimised size; 2 mm thin, 3 grams
• Practically indestructible; waterproof, crush safe, no battery required
• Integration within minutes with any free and open source server software
• Two slots for multiple configurations: OATH, Challenge-Response and all others
• Also available with NFC (NEO) and minimised form factor (Nano)
• Manufactured in USA and Sweden to best practice security processes and authorisation

 

Where and how it can be used

• Systems Integration
• Remote Access & VPN
• Password Management
• Computer Login
• Single Sign-On
• Content Management Systems
• Disk Encryption
• Internet Services

 

The YubiKey: Security and Peace of Mind

The YubiKey is simply a second security authentication method based on a unique physical token which cannot be duplicated or recorded, providing a credential based on configuration and identification unique to an individual authorised user. Initiated through a standard username and password, the YubiKey provides a strong, two-factor authentication to any site, service or application, increasing actual security and user peace of mind.

Versatile: Any System, Any OS

Any computer which can use a USB keyboard can also use the YubiKey, regardless of the computer hardware, operating system or system drivers. The YubiKey AES Key information can never be extracted from a YubiKey device – only programmed to it. Further, only the YubiKey security related codes are directly read from the YubiKey when in use. No transfer of non-security related data means the YubiKey will never be a vector for viruses, Trojans or other malware.

Durable, Rugged, Secure

The YubiKey hardware itself consists of injection molded plastic encasing the circuitry which makes up the YubiKey while the exposed elements consist of military grade hardened gold. The YubiKey does not contain an internal battery or any moving parts – meaning that a YubiKey will never stop functioning due to lack of power, mechanical issues or internal damage due to exposure.

YubiKey One Time Password

The YubiKey One Time Password (OTP) is a 44-character, one use, secure, 128-bit encrypted Public ID and Password, which is virtually impossible to duplicate or replicate. The OTP is comprised of two major parts; the first 12 characters remain constant and represent the Public ID of the YubiKey token itself.  The remaining 32 characters make up a unique Passcode for each OTP generated. The Passcode is generated from a multitude of random sources, including counters for both YubiKey sessions and OTPs generated. When a YubiKey is validated, the Session and OTP Counter values are compared to last values submitted. If the counters are less then the previously used values the OTP is rejected. Copying an OTP will not allow another user to duplicate a YubiKey – the counter value will allow the validation server to know which OTPs have already been used automatically.

 

Legacy Authentication Methods Support

For services that don’t yet support the YubiKey OTP authentication, the YubiKey still offers a number of options to enhance security. The YubiKey may be used in conjunction with a password manager application, such as LastPass to create long, complex, unique passwords for other services protected with the YubiKey. Alternatively, either of the two slots in the YubiKey may be configured to hold a 38-character static password, an OATH Open Authentication standard passcode or a challenge-response dialog. There are a number of applications, provided both by Dugdale Digital Solutions as well as by YubiKey users themselves which take advantage of the security, usability and reliability of the YubiKey. Dugdale Digital Solutions provides all the code necessary for validating a YubiKey OTP in an open source format to encourage development and support for the YubiKey!