Wired

YubiKeys Are a Security Gold Standard—but They Can Be Cloned

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-sized device vulnerable to cloning when ...
TechRepublic

Hardware-bound passkeys are still ultimate in security: Yubico VP

Hardware-bound passkeys are still ultimate in security: Yubico VP Your email has been sent Derek Hanson, Yubico’s VP of standards and alliances and an industry expert on passkeys, discusses why device ...
Ars Technica

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

That's a bad tradeoff that mostly leads to people continuing to use vulnerable products. Instead they should support digitally signed firmware updates, perhaps zeroizing existing keys during the ...