Menu Close

What is strong authentication

What we consider strong authentication

We consider strong authentication when a minimum of two different authentication factors of different types are blended to improve the safety of identity verification. Passwords alone tend not to present an ample level of security for systems that store or process the data elements defined as restricted. Although passwords are intuitive, they are prone to a multitude of attacks and weak spots such as impersonation, guessing, observing, snooping, borrowing, and dictionary attacks. Therefore, strong authentication techniques are required to minimize the risk involving these high-value systems. Implementing two authentication factors of distinct types instead of one provides an advanced level of authentication assurance.

Taking two-factor authentication a step further

Today, the most common way to access your online accounts is by entering your username and password. This is known as single factor authentication because the user simply needs to prove who they are with a password—their single factor. Two-factor authentication (also known as 2FA or two step verification) is a method to confirm a user’s claimed online identity by using a combination of two different types of factors. These can include:

Something you know

Password or PIN

Something you have

A physical device such as a phone or authenticator

Something you are

A fingerprint, iris or facial scab

The problem with passwords

A staggering 81% of all data breaches are a direct result of weak or stolen passwords. 

Passwords are easily breached

The typical validation method most individuals and business users use today is a single factor password. But usernames and passwords are stored on a server and can be easily breached as cyber criminals become more organized and adept.

Too many passwords

Most consumers have 150 online accounts and therefore many usernames and passwords to remember! As a result, online users resort to creating several complex passwords – or worse; they use the same password across multiple sites.

Passwords are used repeatedly

Once a cybercriminal gets their hands on a user’s credentials, those credentials may often work across multiple accounts. Two-factor authentication is the best defense users have to protect accounts when their passwords have been stolen.

The YubiKey offers easy to use, strong authentication

When you are looking for strong authentication, we advice you to go for the industry’s #1 security key, enabling strong two-factor, multi-factor and passwordless authentication.

All-in-one configurable security key

With a simple touch, the multi-protocol YubiKey protects access to computers, networks, and online services.

Easier and safer than authenticator apps

No more reaching for your smartphone, or re-typing passcodes. Just plug in your YubiKey, tap, and it does the rest for you.

Works with hundreds of services

The YubiKey works with Windows and Mac login, Gmail, Dropbox, Facebook, Salesforce, Duo, and many more services.

YubiKey is the industry's #1 security key, enabling strong two-factor, multi-factor and passwordless authentication.

yubikey hand


Hardware security keys offer the highest levels of online security, with one key to many services.

Ease of use

Hardware security keys can offer passwordless login, with no code to enter. Hardware keys typically require no network connectivity, and does not rely on battery power.


Hardware security keys are significantly cheaper than a mobile phone, and in the case of a lost or stolen key, a backup is much cheaper than replacing a mobile phone.