Building cyber resilience with Yubico and Microsoft

In today’s digital landscape, cyber threats are evolving at an unprecedented pace: every second, a phishing attack takes place. In fact, over 80% of these attacks are the result of stolen login credentials and almost 70% of phishing attacks relied on AI last year alone. Recent data from Microsoft Entra also reveals a staggering increase in attempted attacks, with password-based attacks targeting Microsoft cloud identities occurring at a rate of 4,000 per second. These attacks not only expose sensitive data and disrupt critical services, but allow malicious actors to spy on network transmissions – damaging brand reputation and customer loyalty.

Yubico understands the gravity of these threats and is committed to making organizations both phishing-resistant and cyber-resilient. Through our ongoing partnership with Microsoft, we are delivering modern, phishing-resistant multi-factor authentication (MFA) solutions to enable businesses to move towards a passwordless future. 

Microsoft’s recent requirement for MFA is a significant step towards enhancing security across its platforms: In mid-2024, Microsoft began enforcing the use of MFA for all Azure sign-in attempts. This mandate underscores the importance of MFA in protecting against account compromise, as research by Microsoft shows that MFA can block more than 99.2% of such attacks.

As the gold standard for phishing-resistant MFA, Yubico’s YubiKey is perfectly positioned to help organizations meet this mandate. The YubiKey ensures that organizations comply with Microsoft’s requirements while offering a seamless and secure authentication experience. The YubiKey’s compatibility with Microsoft Entra ID and other Microsoft services makes it an ideal solution for organizations looking to enhance their security posture in line with Microsoft’s guidelines.

Meeting Microsoft’s MFA mandate: How Yubico helps businesses achieve cyber resiliency

Our collaboration with Microsoft is a cornerstone of our mission to enhance cyber resiliency. Microsoft has been a pioneer in advocating for stronger security measures and has integrated wide support for YubiKeys across its ecosystem in recent years. Our strong, long-lasting partnership enables organizations to leverage the combined strengths of Yubico and Microsoft to achieve a higher level of security.

Microsoft Entra ID supports passwordless authentication with YubiKeys, allowing users to authenticate seamlessly without the need for passwords. This integration not only enhances security but also improves the user experience by eliminating the hassle of password management.

Yubico’s approach to cyber resiliency is rooted in the belief that security should be both robust and user-friendly. Unlike traditional password-based systems or software-based authenticator apps, the YubiKey offers several distinct advantages:

  1. Phishing-Resistance: The YubiKey uses public key cryptography specifically registered at website or service. This makes it virtually impossible for attackers to intercept or redirect authentication attempts.
  2. Ease of Use: With a simple tap or insertion, users can authenticate securely without the need to remember complex passwords or enter codes from an app. This ease of use reduces friction and encourages widespread adoption.
  3. Cross-Platform Compatibility: The YubiKey works seamlessly across a wide range of devices and platforms, including Windows, macOS, Linux, iOS, and Android. It also supports multiple authentication protocols, such as FIDO2, U2F, OTP, and Smart Card, making it a versatile solution for diverse security needs.
  4. Durability and Reliability: Built to withstand daily wear and tear, the YubiKey is designed for long-term use. Its robust construction ensures that it remains functional even in challenging environments.

A phishing-resistant, passwordless future with Yubico and Microsoft

The future of cybersecurity lies in moving toward passwordless and becoming phishing-resistant. Yubico and Microsoft are at the forefront of this transformation, advocating for a passwordless future where strong, hardware-based authentication methods like the YubiKey become the norm. As cyber threats continue to evolve, the need for robust and user-friendly security solutions has never been greater. Our partnership further strengthens our commitment to enhancing cyber resiliency and helping organizations around the world move towards a secure, trusted, and efficiently passwordless future.

For more information on Microsoft’s MFA mandate and other mandates to prepare for in 2025, don’t miss our recent webinars here available on-demand — including a great discussion between Yubico’s Ronnie Manning and Chris Steffen, VP of Research, Security & Risk Management, at EMA. In our other recent webinar, I spoke with Yubico’s CISO Chad Thunberg to discuss the steps organizations can take to build cyber resiliency and how Yubico and Microsoft can foster this mission.

Talk to our teamTalk to our team

Share this article:


  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey
  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreYubiKey