RevBits PAM: 2-Factor Authentication (2FA) with Yubikey
RevBits PAM protects some of your most important information - the credentials you use to access your most sensitive systems and data. To keep your credentials protected, we recommend employing 2-Factor Authentication (2FA) for maximum security. Using a Yubikey is a proven way to deploy 2FA for your account or organization
What is 2FA?
2-Factor Authentication (2FA) is used by many service providers and organizations to secure its login process by requiring another form of authentication (another “factor”) in addition to a password. Popular 2FA authentication mechanisms include a temporary code or password sent to a mobile device or email address, biometric authentication, and a physical token or key. Each form of authentication has its own unique advantages.
What is Yubikey?
Yubikey is a passwordless, 2FA hardware token created by Swedish IT security company Yubico. Unlike other 2FA methods, the Yubikey is used by inserting into a USB port or by using Near-Field Communication (NFC) which activates the key when it is placed on or near a device. The Yubikey is sold in multiple variants.
Palo Alto Networks commented: Domain squatting techniques leverage the fact that users rely on domain names to identify brands and services on the Internet. These squatting domains are often used for nefarious activities, including phishing, malware and PUP distribution, C2 and various scams.;
Because of YubiKey’s physical nature, users no longer have to be concerned with the possibility of a hacker having access to their 2FA app, or an attacker accessing a numerical code sent through an SMS. Through Yubico’s "proof of presence" feature, the user must touch their YubiKey upon login, further preventing an unauthorized individual from remotely accessing the user's account.
YubiKey is battery-less, water resistant, and compatible with 240 programs and applications, including RevBits PAM.
How to Use YubiKey with RevBits PAM
Log into RevBits Privileged Access Management (PAM) using the web application.
In the upper-right corner of the application, select the user profile icon and choose Settings.
Select the settings icon next to Security key verification is disabled.
Choose a default security method that is compatible with your device, and select Add Device with your device connected to your USB port.
When prompted, touch the top of the device to successfully activate it.
When done, the page should reflect that Security key verification is enabled.
Congratulations! Your Yubikey is now registered for use with RevBits PAM.
“Cyber-criminals are regularly mimicking the domain names of mainstream global brands to scam consumers, a practice known as cyber-squatting, according to a new study by Palo Alto Networks.”