Yubico has launched FIDO Pre-reg, a feature which the company claims will improve the uptake of passwordless authentication.
Making the announcement at Oktane 23, the security key vendor will be partnering with identity management firm Okta to deliver the new feature for YubiKeys purchased via a YubiEnterprise Subscription. Yubico also claims it is the first feature of its kind.
In essence, the supported YubiKeys will be pre-registered with Okta, allowing organizations to have FIDO activation out-of-the-box, eliminating user registration and thus reducing the burden for admins.
Security key authentication
Yubico describes the new FIDO Pre-reg as, "a first-to-market feature that accelerates passwordless and phishing-resistant MFA for the enterprise." Okta will be the first identity provider (IdP) that Yubico will be partnering with, with others to come in future.
The firm also claims that using its security keys offers, "the most secure form of passkey authentication." It has stated that it wants to "make security keys mainstream in the enterprise," with this new feature demonstrating how frictionless the experience of using security keys to authenticate passkeys can be.
“Organizations have historically been challenged to accelerate user adoption of phishing-resistant MFA and FIDO passkey solutions like YubiKeys at speed and scale,” said Jeff Wallace, senior vice president, product at Yubico.
He added, "typically, administrators manually register YubiKeys on behalf of each employee before delivering to them in-office or shipping the key to the employee’s location."
"FIDO Pre-reg eliminates these challenges and provides a quick and easy way to adopt phishing-resistance throughout a company on day one with turnkey YubiKey activation – all while reducing IT costs."
To login without a password to online accounts, all users have to do is navigate to a web app or their Okta login page and enter a PIN supplied by their IT department. US customers of Okta will be the first to benefit, as they will be able to order pre-registered YubiKeys as part of a limited access period.
Purchase of the keys must be made via the YubiEnterprise Subscription program and users must also have Okta Identity Engine (OIE), Okta Adaptive MFA (AMFA) and Okta Workflows.
The first keys that will be compatible will be the YubiKey 5 NFC and YubiKey 5C NFC. This will extend to all YubiKeys by mid-2024, when the feature will become generally available.
