Background and setup of a Security-Key for passwordless login in Robin Data.
The use of passwords as a security feature for authentication to IT systems remains a major security risk. Despite regular training and policies, passwords are often insecure, kept on slips of paper or hacked. For years, passwords such as "12345678", "qwertz" or "password" have been at the top of the list of the most popular passwords.
For this reason, authentication methods have evolved in recent years. A second factor is often integrated (2-factor authentication, 2FA), which authorizes the password entry via a second step. In the simplest case, you receive a code via email or SMS that you have to enter in addition to your password. In the more complex case, smartphone apps are used, such as Microsoft or Google Authenticator, through which via code or other confirmation the login process can be authorized.
Another technology is to use a hardware-based universal second factor (U2F) in the form of a security key instead of a password to authorize a login. This key, which looks like a USB flash drive, can be used to authorize a login process (and other processes as well) alone or in combination with other factors. This technology is called "Universal Second Factor (U2F)". The technical implementation is standardized worldwide within the FIDO Alliance and is supported by all major IT software companies and web browsers.
Robin Data has implemented this technology in Robin Data software because we consider it to be secure, privacy protecting, easy to use for everyone, cost-effective and forward-looking. This makes it possible to log in to the Robin Data app without using the more insecure password and by using a security key. The security key can also be used with many other applications such as Google's G-Suite or Microsoft 365.
Setup
The setup is explained in the following video:
The video is currently only available in english
Provider
There are various providers for security keys. A list of FIDO-certified providers can be found on the FIDO Alliance website.
The Security-Keys are available in different versions. As a rule, the variants differ in:
- USB-A versus USB-C
- With NFC chip versus no NFS chip
NFS-based keys are usually more expensive than simple USB-A keys. Security is guaranteed with all FIDO-certified keys, regardless of the provider and variant.
Further questions? - We are here for you.
If you have any questions about the software, please contact our support team. You can reach us at support@robin-data.io.