Phone Number +1-202-802-9399 (US)

ThycoticCentrify is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

Protect Your Privileged Credentials with WebAuthn


Written by Yubico

June 25th, 2019

85% of organizations fail to achieve basic PAM capabilities according to Thycotic’s 2019 State of Privileged Access Management (PAM) Maturity Report.  This is due in large part to poor security hygiene. It’s essential that organizations deploy proper security precautions to ensure privileged user accounts are not vulnerable or even already compromised.

Organizations still struggle with implementing even basic security best practices

Giving specific users elevated or privileged access rights to sensitive company information and infrastructure is a crucial component of an organization’s overall security architecture. This enables organizations to reduce their attack surface and preserve the confidentiality of critical data. However, organizations at large still struggle with maintaining security practices as it relates to privileged access management (PAM).

Implementing two-factor authentication  (2FA) for administrative access to web applications and devices that store sensitive information is an effective way to mitigate these risks. From SMS to mobile authentication apps, and now with hardware-based Security Keys, 2FA methods have come a long way, making significant progress in data protection. Implementing multi factor authentication (MFA) that includes a strong hardware-based authentication component for administrative access to web applications and devices that store sensitive information is an even more effective way to mitigate the risks of poor security hygiene.

WebAuthn, a new global standard for web authentication, combines public key cryptography with origin checking to strengthen account login security, and effectively protect against phishing and account takeovers. With WebAuthn, users have more flexibility and choice for authentication; for example, using a combination of an external authenticator, such as a Security Key, and an internal authenticator, such as a biometric touchpad or facial recognition on a laptop to access their web service.

PAM solutions that support WebAuthn enable fast, convenient, and secure authentication options for users

WebAuthn has widespread support across major browsers, operating systems, and devices, including Microsoft Edge, Mozilla Firefox, Google Chrome, and Google Android. That being said, PAM solutions that support WebAuthn enable fast, convenient, and secure authentication options for users across a wide choice of devices and operating systems.

Breaches have quadrupled in the last four years costing the global economy $2.1 trillion in 2019, and 3,809,488 records are stolen every day from breaches. In a post breach world, organizations need to not only ensure the right people are authorized to access sensitive assets, but also ensure the user is who they claim to be. Enabling WebAuthn and ensuring all privileged users enroll a strong second factor with their account further protects authorized access to critical data.

Yubico shares in Thycotic’s commitment to protect users against cyber-attacks. Combining strong authentication with WebAuthn and powerful, comprehensive privileged access management is an effective security strategy that helps us further our mission to secure privileged accounts across the modern enterprise.

We are proud to have Thycotic as part of our Works with YubiKey program – making it easier for customers to use the YubiKey with WebAuthn as a multi-factor authentication solution for accessing privileges secured by Thycotic Secret Server. By adopting multi-factor authentication, organizations can implement a layered defense against cyber-attacks, requiring digital credentials as well as physical devices such as cryptographic tokens to unlock privileged accounts.

PODCAST: Is there a future for passwords? In this podcast Stina Ehrensvard, CEO of Yubico, and our Chief Security Scientist, Joseph Carson, discuss the challenge with passwords today:

Request a Quote

What does cyber security like this cost?
Not as much as you think.

Get a quote for the ONLY enterprise-grade PAM solution available both in the cloud and on-premise.


Like this post?

Get our top blog posts delivered to your inbox once a month.