Exclusive: Insights from Yubico on World Password Day

In a detailed discussion with Geoff Schomburgk, Regional Vice President for Asia Pacific & Japan at Yubico, we explored the evolving landscape of cybersecurity and the promising shift towards passwordless solutions that Yubico is pioneering globally as we approach World Password Day on May 2nd.

Yubico, known for its significant strides in the cybersecurity sector, particularly excels in providing phishing-resistant multi-factor authentication through physical security keys. Schomburgk described these keys as instrumental in facilitating secure online environments across varied industries. He highlighted, "We offer a range of hardware security keys that provide modern phishing-resistant multi-factor authentication. Many of your audience would know the term MFA, and that's what we do."

Expanding on Yubico's reach, Schomburgk noted the company's global influence, serving over 140 countries, with a particularly rapid expansion in the Asia-Pacific region. This broad coverage reflects Yubico's commitment to enhancing security measures worldwide.

Reflecting on the history of passwords, Schomburgk observed that while passwords have remained relatively unchanged, their usage has become increasingly problematic due to the ease of hacking and the inconvenience they pose to users. "Passwords probably haven't changed an awful lot... But we are seeing changes in the world of authentication, driven by the rapid increase of cybercrime and hacking attempts," he explained.

Addressing the current cybersecurity landscape, Schomburgk underlined the shift from reactive to proactive security measures. He stressed the importance of moving beyond traditional passwords to more secure alternatives like passkeys—a concept Yubico is actively promoting. "We are entering the area of proactive cybersecurity," he asserted.

Passkeys represent a significant evolution in authentication technology. Schomburgk elaborated, "At a high level, a passkey is an option to remove the need for a password... The FIDO Alliance has developed an industry standard called the FIDO protocol, which we helped pioneer with Google back in 2014."

Discussing the benefits and security features of Yubico's offerings, Schomburgk clarified that YubiKeys are indeed a form of passkey, providing secure, phishing-resistant authentication that is both easy to use and globally scalable. "A passkey is another name for a FIDO credential and a YubiKey can store multiple passkeys on the one physical key," he mentioned, illustrating the practical applications of these tools in everyday digital security.

Turning to the types of cyber threats passkeys can mitigate, Schomburgk emphasized their role in preventing credential-based data breaches, which constitute the majority of cyber incidents. "80% of data breaches are a result of credentials being compromised. If we can have a solution that stops that, then we're stopping 80% of the problem," he explained.

On the topic of implementation and adaptation to passkeys, Schomburgk advised organizations to approach this as any other change program—by communicating benefits, conducting pilots, and gradually building momentum. He also highlighted the importance of collaboration with technology partners like Microsoft, Apple, and Google to integrate passkeys effectively into various platforms.

Concluding the interview, Schomburgk shared his vision for the future of Yubico and the broader cybersecurity landscape. He expressed optimism about the ongoing transition to passkeys and the potential for this technology to become the industry standard, replacing passwords in the long term.

As Yubico continues to pave the way in secure authentication solutions, its efforts not only promise enhanced security for users but also signify a paradigm shift in how we protect our digital identities in an increasingly interconnected world.