Mastodawn

Sean Zadig Feb 7, 2023

This is great - Google providing 100,000 free security keys through 2023 to high-risk users. (Though I am still disappointed that - after all of the joint early work Google did with Yubico - they went with Feitian instead of Yubico to provide the raw hardware for the current Titan Security Key series.)

https://blog.google/technology/safety-security/new-partnerships-and-100000-security-keys-to-protect-high-risk-individuals/

#securitykeys #google #yubico #yubikey

New partnerships and 100,000 security keys to protect high-risk individuals

We're partnering with the International Foundation of Electoral Systems and expanding our work with Defending Digital Campaigns leading up to the 2024 U.S. elections

Google

Show thread

BrianKrebs Feb 7, 2023

@tychotithonus That's terrific. A while back Google asked for feedback and I said they should steer all their Google Shield participants toward getting and using security keys. I don't know if this applies to those folks going forward (it should) but this is a good first step if not.

Show thread

Oli Feb 8, 2023

@tychotithonus I never really understood why they moved away from Yubico. Do you have a a reference that’s understandable by non security experts?

Show thread

Oli Feb 8, 2023

@tychotithonus like I feel like FedRAMP was part of that decision.

Show thread

Royce Williams Feb 8, 2023

@olisuritz I honestly have no idea, other than wild, pessimistic, and unsubstantiated / unfair conjecture like A) raw expense (Feitian providing a steep discount), and B) GOOG wanting to score points with an important market.

Re FedRAMP, I thought Yubico was already comfortably in there:

https://www.yubico.com/industries/federal/

YubiKey for Federal Government

Government entities have to follow a standard of high assurance security protocol, the YubiKey meets these standards as 1 or 3 DoD approved authenticators

Yubico