Yubico Forum

Hello,

my big problem with Yubikey is that too few companies support it!!!

I would like to use Yubikey at places that require high security:

1) Do you know any ICANN-accredited domain name registrar, who support Yubikey? Name.com uses their own hardware token.
2) Do you know any web hosting company, who support Yubikey? Cpanel should support Yubikey at least!
3) Do you know any DNS service who use Yubikey? It is great that Google Apps support Yubikey. But you use your own domain name at Google Apps, right? And where do you control the MX recrods of your domain name? In your hosting account, or in your DNS service. And do these services support Yubikey? No. So basically using Yubikey only for Google Apps is a false sense of security. You should then use Yubikey even for your domain name and hosting control panel.
4) Do you know any internet banking service who use Yubikey?
5) Paypal doesn't support Yubikey.


Does Yubico advertise Yubikey at these companies? A web hosting company, or a domain registrar could gain competitive advantage, if they would use Yubikey. Why can't you persuade them to support it?

And what is your opinion about the mentioned Google Apps issue? A hacker can read your email without stealing your Yubikey, because the control panel where you control the DNS-settings for your domain (like nameservers, MX records) doesn't support Yubikey.

The only person that can change all that is you, my friend. Just a word of advice: you will never change the minds and hearts of companies by posting on this forum. But if you feel it is worth your while, and want to support Yubico, by all means do so!

What could you do? Well, I don't know, but I can tell you what I do, perhaps it will trigger your imagination. At the next NLUUG fall conference I will give a presentation about the Yubikey. There will be hundreds of (Unix) sysadmins sitting there who never might have had heard about the key otherwise. If they feel it is a good solution, they will inform their management, and perhaps that might just trigger more companies to use the key. I also carry around my Yubikeys and regularly demonstrate them to people. I have written some software for the G1 to emulate a Yubikey and Yubico has worked with me and allowed me to use the authentication server with it - even though strictly spoken that might harm their sales. I have some ideas about the authorization server and have been mailing with Yubico about them, to see if we can get some of my ideas implemented, which in turn may result in a more robust, Open Standards Open Source extended authentication service, which also supports extended attribute exchange. In general, I try to work towards a Yubico independent solution, in effect the solution should still work might Yubico go out of business - but probably they won't, just BECAUSE we work on a system that reduces dependency on Yubico.

But even if 'all' you do is be enthousiastic about the keys and demonstrate them to others, that already helps a lot.

So, my friend, ask not what Yubico can do for you, but what you can do to advocate the yubico key

I already wrote to a few companies to consider supporting the Yubikey. Some of them responded that they forwarded this idea to their development departement.
I will also join to the affiliate program and try to generate sales for Yubico.

I was just curious, what is the marketing plan of Yubico? Do they actively contact companies asking for Yubikey support?