This makes me think that there may be a good reason behind the lack of anything more than L1 certification for most keys. Even their FIPS compliant keys are only certified to L1. Yubico's products are among the most popular and are deployed in high security environments, by Google, etc, so presumably are very secure. ![]() See here for a description of the levels: There are only a handful of products certified to a higher level (an example being the TrustKey G310/G320). Keys from most vendors, including all of Yubico's products, are only certified to FIDO2 Certification Level 1 (max is 3+). EDIT: Title says YubiKey, but actually this applies to their FIDO2 Security Key as well
0 Comments
Leave a Reply. |