Stop Phishing Attacks Simply By Using A SafeKey.
Weak or stolen passwords as well as phishing attacks are among the most common gateways for successful hacker attacks.
With SafeKey there are new standards that enable robust universal two-factor authentication and passwordless logins to protect you against phishing attacks.
Even if someone ever gets hold of your password they won’t be able to access your account if you have connected your SafeKey.
Let’s see how that’s possible.
What Is Phishing?
Phishing (= password fishing) is a common form of attacks on computer users. The attackers create fake emails and websites of legitimate companies and organizations.
The attackers use this as an excuse to persuade users to enter sensitive information. Usernames and passwords are often targeted for these types of attacks..
SafeKey makes phishing attacks impossible.
Your User Accounts Are Not Safe
Online accounts have become the standard to do anything online. Think about social media, online shopping, courses, remote working or emails.
Everything requires a personal account that usually needs you to set a password. While relating email addresses to passwords has reached a peak and became the general rule, most experts on security and authentication agree on one point: passwords are no longer safe and they’re a thing of the past.
Passwords and SMS or app based two-factor authentication codes are highly vulnerable to phishing and porting scams. SafeKey goes one step further than traditional authentication. Not only do you need your classic login credentials. In addition it is also necessary to have a physical means of authentication, the SafeKey.
It is therefore not possible that someone who happened to get your password can also log in to your account, because logging in also requires your SafeKey. SafeKey makes user authentication safer by adding an extra hardware layer to your authentication process.
Did you know it’s even possible to use your SafeKey for passwordless logins?
Hackers can easily gain access to your account using a variety of techniques:
- Brute force methods – using software to generate random username/password combinations or exploit common weak passwords like 123456
- Credential stuffing – using stolen or leaked credentials from one account to gain access to other accounts (people often use the same username/password combination for many accounts)
- Phishing – using fake emails or text messages to trick a victim into replying with their credentials
- Keylogging – installing malware on a computer to capture username/password keystrokes
- Man-in-the-middle attacks – intercepting communications streams (over public WiFi, for example) and replaying credentials
SafeKey is a solution to all of this.
SafeKey's Built-In Phishing Protection.
SafeKey offers high security and checks whether the domain used actually belongs to the service you’re trying to login to. This makes phishing attacks on a technical level much more difficult as well.
User credentials are bound to the origin, so only the real site can authenticate with the key and you’ll never accidentally authorize malicious websites to use your credentials.
How Does Phishing Protection With A SafeKey Work?
When logging into a website, the user generally authenticates himself by providing a username and a password. With SafeKey, the user will have to additionally confirm the login with a click on the connected SafeKey device.
Register your SafeKey
To use the SafeKey, go to the settings of a supported service and select two-factor authentication to connect a security key.
Insert SafeKey & tap
On a computer, insert the SafeKey into a USB-port and touch the SafeKey to verify you are human and not a remote hacker.
Built-in Phishing Protection
SafeKey offers high security and checks whether the domain used actually belongs to the service you’re trying to login to.
Benefits Of Using A SafeKey For Phishing Protection.
- Integrated phishing protection: high security against phishing attacks through integrated domain check.
- Security: higher security by eliminating risky password management
- Simplicity: no need to issue, secure, change, reset, and manage passwords anymore – simply touch the SafeKey to verify and you’re in.
- Usability and peace of mind: the effort of having to create and securely store a separate, long and complex password for each user account is eliminated.
- Privacy: no confidential information will ever be shared and no personal information is associated with the secret.
- Anonymity: thanks to public key cryptography, no shared secret (private key) is sent over the internet at any time.
- Plug & play: Supporting all common web browsers, no additional client software or driver installation is required.
- Reduced security costs since less accounts get hacked or exploited.
- Less support tickets for helpdesks since forgotten passwords and password resets are a thing of the past.
Get Started With A SafeKey!
You should select your SafeKey based on the services (i.e. websites and apps) and devices you want to use the SafeKey with. Please see the resources below to help you decide on which SafeKey will be your best fit.