I’m curious. I often think, how does that work? Or why does it behave like that? We are well into the journey towards Passwordless adoption and I’ve spoken and posted about aspects of it before. Always a good place to start are the standards.… keep reading
Get Certificates from a YubiKey using PowerShell
Last week Yubico announced the general availability of their desktop .NET SDK for YubiKeys. I jumped over to their GitHub repo to check out what functionality the .NET SDK exposed. The good news is that the Personal Identity Verification (PIV) slots used for certificates are accessible.… keep reading
Choosing and using a Hardware Security Token for Azure AD Passwordless Authentication
Evaluation criteria for product selection can be a difficult process, especially for items that are rarely purchased. We’ve become accustomed to working out what we want from daily use items such as laptops, and mobile phones which does make that process easier when we refresh them every few years.… keep reading
Recovering from USB device driver is still in memory / USB Composite Device has error (Code 38)
Something you don’t often think about is how many devices you plug into your computer …….. until you plug-in a device and it doesn’t show up or interact as expected. This post details how I recovered from such a situation so I can find it next time, and hopefully it also helps others recover quickly, rather than the numerous dead-ends I went through to fix the problem.… keep reading
Enrolling and using both Microsoft Authenticator and a YubiKey Physical Token with Azure MFA
Microsoft have just announced the Public Preview for Hardware OATH Tokens such as the Yubico YubiKey with Azure MFA. In this very long and graphic heavy post I show the end-to-end setup and use of a YubiKey physical token from Yubico as a Multi-Factor Authentication (MFA) second factor authentication method to Azure AD/Office 365.… keep reading
Validating a Yubico YubiKeys’ One Time Password (OTP) using Single Factor Authentication and PowerShell
Multi-factor Authentication comes in many different formats. Physical tokens historically have been very common and moving forward with FIDO v2 standards will likely continue to be so for many security scenarios where soft tokens (think Authenticator Apps on mobile devices) aren’t possible. … keep reading