Educause Security Discussion mailing list archives
Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA
From: "Tomassetti, Tina" <tomassettitm () SUNYBROOME EDU>
Date: Tue, 12 May 2020 11:46:00 -0400
Just curious, is there a major price difference between YubiKeys and FIDO2 keys? Tina M. Tomassetti Assistant Director of Networking and Telecommunications Information Technology Services SUNY Broome Community College PO Box 1017 MS# 63 Binghamton, NY 13902 PH: 607-778-5011 FX: 607-778-5119 tomassettitm () sunybroome edu <tomassetti () sunybroome edu> On Tue, May 12, 2020 at 10:30 AM Ravi Kotecha <kotechar () brandeis edu> wrote:
Hi Beth, At Brandeis, we are using DUO and chose to offer hardware tokens that generate a one-time passcode instead of the YubiKey option. The hardware tokens cost about $20 each and we have decided it's a cost of doing business and any faculty, staff, or student can request one, at no cost to them. It is not widely advertised, but offered if someone expresses concern over the other 2fa options. The YubiKeys are great for USB capable devices, but since many users use mobile devices, the tokens were a better option for us. One reason we made the tokens available to anyone who asked was so that it was not a symbol of being low income. It also takes care of study abroad situations, and we did mail out tokens in those cases but since students were on campus when we enabled 2fa, the mailing situations were few and far between. Best, Ravi -- Ravi Kotecha '10, M.S. '14, M.S. '20 Privacy & Information Security Analyst Information Technology Services x67284 | security () brandeis edu [image: A button with "Hear my name" text for name playback in email signature] <https://www.name-coach.com/ravi-kotecha> On Mon, May 11, 2020 at 9:02 PM Beth Albertson <albertb3 () wwu edu> wrote:We are in the process of implementing Azure MFA for our staff and students. We have a small percentage of students without smart phones, and would like to offer them the option of using a FIDO2 key. I was wondering if other Universities are using FIDO2 keys, and if so, who is picking up the cost? Are students expected to buy their own device? Also, we, like most Universities are all online during the Covid crisis, so it seems we would have to mail the FIDO2 keys to users if we pick up the cost. Thank you in advance for any information you can provide. Sincerely, Beth Albertson, CISSPĀ®, PMPĀ® Director of Information Security Western Washington University beth.albertson () wwu edu ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community <https://urldefense.com/v3/__https://www.educause.edu/community__;!!DaRZpAeNFA!M4vdDdcgk_1fNNyZV2ZCY-mUPsv4g0OidyLbira4z8z7UaPkO55iBpjfCs8NeaOfBnk$>********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- FIDO2 keys and MFA Beth Albertson (May 11)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Ravi Kotecha (May 12)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Tomassetti, Tina (May 12)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Telfer, Will (May 12)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Garrett McManaway (May 12)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Beth Albertson (May 12)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Sabo, Eric (May 18)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Tim Cappalli (May 18)
- Re: [EXTERNAL] [SECURITY] FIDO2 keys and MFA Ravi Kotecha (May 12)