Blog

What Is A Hardware Security Key?

What Is A Hardware Security Key?  

 

With almost everything done online, including private and important accounts, having protection beyond just traditional passwords is becoming essential.

 

One of the most secure ways to deploy two-factor authentication (also known as 2FA) is through hardware security keys. 2FA strengthens your digital account by adding an extra layer of security, requiring two different and separate identification for an access grant. 

 

What Is a Hardware Security Key?

hardware security key, also known as a U2F key or physical security key, is a small device that resembles a USB thumb drive and can be plugged into various devices. A security key is a secondary device that works dependently with a primary device. It protects an online account against cyber-attacks and automated bots, and thus, it is phishing-resistant as well. 

 

While there are USB security keys or USB-C security keys, some security keys are designed for wireless Bluetooth or have NFC capabilities to connect with mobile devices. Others can fit Lightning ports for iPhone and iPad users.

 

Aside from providing superior digital protections, security keys are easy to use and a relatively inexpensive alternative to fight phishing attacks and account takeovers.

 

How Does It Work? 

A single hardware security key can be used for several accounts (for as many as you like). It often works by:

  • physically inserting the key into your device (or connect it wirelessly)

  • your web browser or app will then present the security key with a challenge

  • the key will cryptographically sign the challenge, which verifies your identity

 

Technically, a physical security key works by generating a public and private key pair. The private key remains in the hardware security key, while the public key is sent to a server. The physical security key is the source of random numbers called nonce to generate your keys. It also sends another number called checksum to identify your specific hardware security key. 

 

As you login your credentials into an online account, the server will send nonce and checksum back to the physical security key along with a distinct number. From the nonce and checksum, the hardware security key will regenerate its private key, and it will then sign the number sent to it by the server, which finally verifies and unlocks a digital account with the public key.

 

Which Hardware Security Key Works Best? 

When it comes to hardware security keys, you have several choices to choose from. But no two security keys are created the same. 

 

Here are some of the best security keys available to date:

  • YubiKey Bio – This biometric security key features a biometric authentication stored inside the key. This Yubico security key offers strong protection from physical attacks using your biometric fingerprint in a separate secure element. 

  • YubiKey 5C NFC – Since USB-C is becoming the standard on desktops, laptops, and mobile phones, this key brings USB-C and NFC together into a single YubiKey. 

  • Yubico YubiKey 5 NFC – Offering superior defense against account takeovers, this security key NFC lets you connect through a USB-A and wireless NFC. 

  • YubiKey 5Ci – This public key cryptography has the convenience of the Lightning port and USB-C in a single multiprotocol device. YubiKey 5Ci offers support for several modern devices such as Android, Windows, and Apple devices including Macs, iPhones, and iPads. 

  • YubiKey 5 Nano – The tiniest security key, YubiKey 5 Nano, is suited into a USB-A port that works with many online services or apps.

  • Thetis Fido U2F Security Key – Using a personal encryption method, this U2F Security Key by Yubico individualizes your online security by delivering a further layer of encryption via the USB port. 

 

Security keys are becoming essential in this digital era. These electronic security keys are a convenient and relatively affordable way to protect any important account or sensitive information online.

 

Want a strong and reliable hardware security key? Secure your online space with Yubico security keys. Yubico is your all-in-one configurable security that works with a simple touch yet fits a wide range of devices, networks, and online services. 

 

Do you have any queries? Call us at +63 2 8858 5555 today!

What is Email Phishing and How To Protect Your Information?

 

 

 

What is Email Phishing and How To Protect Your Information?

 

Phishing attacks don’t only grow in numbers but also in innovation. Make sure not to compromise your security level, especially in digital spaces. Successful phishing crimes can lead to fake account creations, ruined identities, and massive loss of money.

 

Creating an unphishable security key and learning how to recognize different types of phishing can become your strong email phishing protection. 

 

What is Email Phishing? 

Phishing is a fraudulent practice where an online con artist impersonates a legitimate entity to send deceptive messages to trick a user into divulging private information or provide access to the attacker to deploy malicious malware on someone’s system. Most phishing attacks are done via email. 

 

Email phishing is one of the easiest and most popular methods of cybercrime that steal information such as login credentials, credit card details, social security numbers, or phone numbers.

 

 

How Does Phishing Occur?

Phishing happens as a user responds to a fraudulent email, especially those that require immediate action. Typically, a phishing email demands the following:

  • update a password

  • open an attachment

  • use a new wi-fi hot spot

  • enable malicious macro files in a Word document

  • allow a social media connection request

 

Other Types of Phishing

Aside from email phishing, other types of the most pervasive phishing include:

  • Spear Phishing – This is a highly targeted and well-researched attack that focuses on specific individuals or groups within a company or organization.

  • Malware Phishing – Using the same scheme as email phishing, this form of phishing asks its targets to click a link or download an attachment to install malware on the device or system. 

  • Link Manipulation – This attack encourages a user to click a link that will lead to a fake website designed to seem legitimate and then asks the victim to confirm or update their account credentials. 

  • SMS Phishing/Smishing – Often assisted by malware or fraud websites, this SMS fraudulent sends malicious short links to smartphone users.

  • Vishing – Also known as voice phishing, this type of phishing uses a voice message or a phone call claiming to be tech support from an organization that asks for sensitive data such as bank details or credit card numbers. 

  • Search Engine Phishing – This attack involves the hackers creating fraudulent websites and having them indexed on search engines often to get direct payments or steal identities. 

  • Pharming – This is a more sophisticated type of phishing where hackers reroute legitimate web traffic to a fraudulent website by targeting the domain name system (DNS), making the user’s personal information vulnerable to theft. 

  • Clone Phishing – Through this phishing attack, the attacker clones and re-sends a legitimate email that you’ve recently received from an authentic sender using a seemingly credible email id. The cloned email can be accompanied by malicious content such as a link or attachment, which when clicked will lead to the installation of malware to your system. 

  • Man-in-the-Middle – In this phishing, the hackers involve themselves between legitimate conversations or data transfer of two unsuspecting parties. 

  • Malvertising – This cyberattack injects malicious content into online advertisements to spread malware. 

 

How Can Yubico Prevent Phishing?

Phishing attacks evolve along with the advances of technology. Weak electronic security can make you or your entity vulnerable to phishing attacks and other cybercrimes. Yubico’s U2F Security Key and YubiKey deliver robust and cutting-edge security to your digital domain. 

 

Since they make any login bound to the origins, the keys will only authenticate legitimate websites while failing fake sites. FIDO U2F’s token biding prevents man-in-the-middle attacks by securing the connection between the browser and the service. Some of the toughest security keys by Yubico require a human touch as a verification. 

 

Yubico’s high-quality authentication solutions are easy to use and deploy as well. Security Key NFC by Yubico offers superior defense against phishing attacks and account takeovers. Other speedy and reliable electronic securities include YubiKey 5 NFCYubiKey 5CiYubiKey 5C NFCYubiKey 5 Nano, and YubiKey Bio. 

 

Want strong protection for both traditional and modern phishing attacks? Yubico is a global leader and pioneer for authentication standards for the modern web. 

 

Should you require our services, call us at +63 2 8858 5555 today!

What is two factor authentication? And how does it work?

 

What is two factor authentication? And how does it work? 

 

With the rise of hackers and different types of cybercrimes, having mere passwords isn’t enough. Take your security to new heights with 2-factor authentication or multi-factor authentication, protecting your account and sensitive information from theft.

 

What Is Two Factor-Authentication? 

Two-factor authentication (2FA) is an additional layer of security that requires two different and distinct identification to access an online account or complete a transaction. Aside from username and password, 2FA demands another piece of information, which can be a code sent to you via text, a biometric pattern of your fingerprint, face, retina, or others.

 

Multi-factor authentication (MFA), on the other hand, is an electronic authentication method that requires more than one verification factor to gain access to an application or website. MFA strengthens security by combining two or more independent categories of credentials such as password, security token, or biometrics, minimizing the chances of becoming a victim of cyber-attacks. 

 

How Does 2-Factor Authentication Work? 

With two-factor authentication, any user who attempts to open an account should enter the right username and password. After a successful log-in, instead of having access immediately, a second verification is required to finally gain full access to the account.

 

Meaning, you’ll need another identifying factor beyond just the traditional username and password. The second factor is often hard to crack since it is something that only the legitimate user has access to. 

 

Types Of Two-Factor Authentication

The most common types of two-factor authentication include:

  • SMS 2FA – Two-factor authentication via SMS sends a secret one-time passcode (usually 5-6 digits) to a user’s mobile number as a second verification following the username and password log-in. This is the most popular 2FA option since many people use SMS, plus no app installation is required. 

  • Phone call 2FA – Much like SMS 2FA, users get a verification code through a phone call after a successful username and password log-in. 

  • Email 2FA – 2FA via email is also a common choice since it’s easy to implement and accessible to both smartphones and computers. In this method, an OTP or secret code is sent to the user via email. In some cases, instead of OTP, they’ll send unique links which you can simply click to gain access. 

  • Hardware 2FA – Used primarily by business entities, hardware-based two-factor authentication is one of the most secure 2FA methods. It uses a device such as a key fob or dongle to generate a 2FA token for access gain. 

  • Biometric 2FA – This method works by requiring the legitimate user to present something unique about his physical body such as a fingerprint, retina, face, or voice for account access.

 

With this generation becoming reliant on computers and the internet, optimizing your security with two-factor authentication is crucial to prevent and combat digital fraud. With 2FA, you can protect your confidential data or bank account details from some fraudster trying to impersonate you. 

 

The industry’s number 1 security key is YubiKey. It allows strong two-factor, multi-factor, and password-less authentication that works with a range of services including Mac login, Gmail, Dropbox, Facebook, and much more! It’s like your one key to access all. 

 

With Yubico’s Security Key NFC and U2F Security Key, expect a simple and intuitive authentication experience. You can opt for YubiKey 5 NFC if you want the most effective protector against account takeovers. Choose YubiKey 5Ci if you need a dual connector with support for USB-C and Lightning. 

 

Other robust and cutting-edge products include YubiKey 5C NFCYubiKey 5 Nano, and YubiKey Bio. These are fast, easy, and reliable authentication electronic securities.  

 

Want an easy-to-use but strong authentication electronic security? Let the Yubico security key protect your accounts and profiles online. Yubico is a global authentication leader brand trusted by some of the world’s largest enterprises and millions of users across the globe.

 

For inquiries, feel free to call us at +63 2 8858 5555 today!

Parallels Fluidstream Case Study

Parallels Reinventing Business Works

Parallels Remote Application Server

Parallels Simplifies Virtual App Delivery

A fresh, new update for SketchUp 2020

After introducing SketchUp 2020 in January and sharpening it in April, we’re pleased to announce an August update as well. These enhancements focus in on a few long-standing user requests. Let’s take a closer look.

Linear inference toggles for the Line tool in SketchUp

SketchUp inferencing comes in all shapes and sizes. One of the most distinct is the linear inferencing that allows you to snap or lock to the red, green, and blue axes. Linear inferencing makes SketchUp work, but it can also get in the way. For instance, if you are working with very small spaces or tracing images, we’ve heard from you that it would be helpful for inferencing to get out of the way.

To address this, the Line tool now features a modifier key [(ALT) on Win and (CMD) on Mac] to toggle linear inferencing on and off, so you can draw edges without being snapped to an inference. You can turn off all inferences, or leave only parallel and perpendicular inferencing on. Of course, you can still jump to a specific inference — red, green, blue, or magenta — using the arrow keys.

Weld Edges in SketchUp

We added ‘Weld Edges’ to SketchUp’s native tools. This means you can join edges and arcs into a single polyline without installing an extension. If you haven’t used a weld extension, we recommend starting to weld edges for any face where you’d like a smooth push/pull extrusion. Select the edges you want to join, right-click and select Weld Edges.

Control line width, colour, and pattern by tag in LayOut

Over the years, we’ve learned a lot about how LayOut users stacked viewports to create incredible 2D drawings. The biggest lesson: it would be great if you didn’t have to stack performance-impacting viewports to get drawings to look the way you want.

We’re happy to share that you can now control the line style of SketchUp tags in LayOut. Before this update, rendering a plan view with different line weights meant hiding a bunch of geometry, creating different scenes, and stacking viewports. Now, you can adjust the edge width, colour, dash pattern, and dash scale in one viewport by assigning and styling tags.

Whether you need control of line styles for architectural drawings, production drawings, and details, or general illustration, we’d love to hear your impressions… or better yet, see your work. Share some examples of the drawings you create (or would like to make) in SketchUp and LayOut using the hashtag #LearnLayOut

Smoother operations in larger LayOut documents

Good LayOut documents are an arrangement of viewports, images, vector graphics, and labels. As pages get complex and documents get longer, operating on selections gets slower. To help speed up larger files, we’re excited to share changes to how the move, copy, and scale operations work. Now, LayOut previews these transformations instead of drawing them in real-time as you work with a selection. When you complete a move, copy, or scale operation, LayOut then redraws your action. This is a subtle change, but it brings a new feel and a lot more efficiency to LayOut.

Get access to SketchUp Pro and LayOut here and explore these updates today!

HP MSA WSI Article#7 - Customer Delivery Inspections

Free HP Customer Delivery Inspections ensure businesses use original supplies

 

At a time when it has become difficult even for vigilant business owners and entrepreneurs to determine whether the printing supplies they ordered from various online suppliers and traditional vendors are originals or fakes, HP endeavors to help its large and medium-sized customers by providing free, on-site examinations.

 

The HP Anti-counterfeit Customer Delivery Inspections aim to protect HP clients from using fake products that can pose serious threats to their business, produce poor printouts, damage printers beyond repair, stall print jobs, and interrupt office workflows, which can all incur additional costs for the HP client.

 

If they notice suspicious bids in tenders and suspect counterfeit products are included in the delivery of HP Printing Supplies, HP enterprise clients can request for delivery examinations at their convenience by filling out a customer delivery inspection request form and email it to the HP Anti-Counterfeiting and Fraud (ACF) Programme at customerinspections@hp.com

 

Upon verification of the suspicion, ACF product experts will conduct the inspection of large and medium-sized deliveries within the premises of the HP client. Only unopened and sealed boxes will be inspected.

 

If counterfeits are found, the inspector will ask for the name of the supplier and a copy of the proof of purchase. The customer will also be asked to refrain from buying from that supplier.

 

HP also recommends that the customer should neither send back any products to the supplier nor inform the supplier about the inspection before the Customer Delivery Inspection is conducted.

 

To ensure deliveries of Original HP Supplies every time, customers are advised to buy only from HP or its authorized HP resellers and distributors such as WSI. To order, please visit https://wordtext.com.ph/wesellit/

 

HP MSA WSI Article #6 - HP WSI Toner Cartridges Manufacturing Dates

Why Original HP Toner cartridges only have manufacturing dates

 

Like the durable and reliable printers that it manufactures for household and enterprise consumers, HP ensures that matching printer supplies and consumables, such as Original HP Toners, are produced with the same level of quality, enough to market it without an actual expiration date.

 

When consumers buy Original HP Toners, what they will see printed or stamped in the product packaging or cartridge box is a manufacturing date that the global printer maker only uses for internal processes such as inventory tracking and to comply with regulatory standards in certain countries.

 

No expiration

Most toner cartridges do not need to indicate “use before” or “end of warranty” dates because they only contain plastic particles that are very stable in most conditions.

 

But while Original HP Toner cartridges, the company will not replace products that have been refilled, refurbished, remanufactured or tampered with in any way; or Original HP Toner cartridges that have been damaged or found to be defective because of misuse or improper storage.

 

Storage tips

Toner cartridges should be kept in their original packaging and stored in a flat position in a cool, dry place, away from direct sunlight.

 

To get Original HP Toner cartridges that one can depend on to produce bold blacks and vibrant colors, it is best to buy only from authorized online resellers and distributors such as WSI. To order, please visit https://wordtext.com.ph/wesellit/