Techly NewsGet the app

Get the latest tech news

YubiKeys have an unfixable security flaw — but it’s difficult to exploit


Almost every older YubiKey token is impacted.

By Jess Weatherbed, a news writer focused on creative industries, computing, and internet culture. YubiKey manufacturer Yubico says the severity of the side-channel vulnerability is “moderate” but is difficult to exploit, partly because two-factor systems rely upon something the user has and something only they should know. “Depending on the use case, the attacker may also require additional knowledge including username, PIN, account password, or authentication key.” But those aren’t necessarily deterrents to a highly motivated individual or state-sponsored attack.

Get the Android app

Or read this on The Verge

Read more on:

Photo of YubiKeys

YubiKeys

Related news:

News photo

YubiKeys Are Vulnerable To Cloning Attacks Thanks To Newly Discovered Side Channel

News photo

Yubikeys are vulnerable to cloning attacks thanks to side channel

News photo

YubiKeys are buy one, get one half off for Black Friday

« Oprah’s upcoming AI television special sparks outrage among tech critics
Microsoft to announce ‘next phase of Copilot’ on September 16th »