The key to DFARS/NIST Compliance

Yubico Team

Yubico Team

3 minute read
authlite ecosystem showcase

There are only 8 weeks left before the Defense Federal Acquisition Regulation Supplement (DFARS) deadline, and now is the right time for US government contractors to secure Active Directory users. DFARS compliance was structured to protect unclassified US Department of Defense (DoD) information on a contractor’s internal information system from cyber incidents, and to minimize the loss of information via cyber incident reporting and damage assessment processes.

Government contractors are required to implement the mandatory controls for Controlled Unclassified Information (CUI) detailed in NIST SP 800-171, a key component of which is to implement multi-factor authentication (MFA) for accounts that access privileged data.

AuthLite Logo
Ecosystem Showcase: AuthLite 

Whether you’re implementing DFARS/NIST, PCI, HIPAA compliance, or just moving to strong authentication, securing your user accounts with static passwords isn’t enough anymore. The AuthLite two-factor system for Active Directory is inspired by the simple model of YubiKeys, and designed to solve this issue,” said Greg Bell, CEO and Founder of AuthLite.

Together, Yubico and AuthLite offer a joint solution for government contractors and organizations seeking DFARS compliance. AuthLite systems natively support YubiKeys so organizations can meet the multi-factor authentication requirements for local and network access outlined in the DFARS clause.

AuthLite enables your organization to natively process MFA in your Domain Controllers and connected systems. Giving you the flexibility to implement YubiKey MFA to servers, computers, and users of your choice. AuthLite also gives your organization the opportunity to add YubiKeys for users at any time, and can quickly provision new YubiKeys as your organization grows.

The multi-protocol YubiKey is built to address privacy, validation, and compliance requirements across various standards and directives, including FIPS and NIST. The YubiKey combines three of the permitted authenticator types from the latest NIST digital identity guidelines in one physical device: OTP, FIDO U2F, and smart card / PIV-compatible / OpenPGP. In the same guidelines, NIST recognizes FIDO U2F at the highest authenticator assurance level, AAL3.

The YubiKey is loved by millions across the globe for its simplicity, security, and affordability. Your users will love the ease of use of the combined YubiKey and AuthLite solution.

How it works:

Logging In

  1. Simply press the YubiKey contact to enter a One-Time-Passcode (OTP)
  2. Type the Active Directory password as usual

Behind the Scenes

On the Domain Controller, AuthLite validates the OTP, and changes the user’s Kerberos ticket to contain an extra “two-factor tag” group. That way, your domain services can check whether a user logged in with one or two-factors, and decide whether to grant or deny access to sensitive resources.

AuthLite’s unique power and flexibility comes from working with your Domain Controllers to improve the authentication in the core of your domain instead of just around the perimeter.  Even in simple networks, each customer’s configuration might be different. We even provide Interactive Documentation, walkthrough videos, and include remote engineering assistance to make sure your multi-factor deployment is secure,” said Bell.

Fun fact! AuthLite became Yubico’s first enterprise partner in 2009. With this joint solution, AuthLite and Yubico are ready and excited to help organizations and government contractors achieve DFARS compliance by the December 31 deadline.

Learn more about using AuthLite for DFARS compliance here.

Talk to Yubico about using the YubiKey for DFARS compliance here.

Yubico is proud to highlight AuthLite as part of an ongoing YubiKey ecosystem awareness program. Visit our Featured Solutions page to learn more about other products and services that support YubiKeys.

, , ,
Talk to our teamTalk to our team

Share this article:
  • Digital security’s unique role in protecting our environmentAs sustainability expands to include social, economic, and technological challenges, cybersecurity has emerged as a top global threat – with cybercrime projected to cost $12 trillion this year. Stolen credentials and phishing account for 80% of breaches. At Yubico, making the world more secure is just part of how we care for the world around […]Read moreCSREarth DaySecure It ForwardSustainability
  • Breaking down Australia’s plan to combat AI-driven phishing scamsAcross Australia, cybercrime continues to be a major challenge impacting businesses, critical infrastructure and consumers alike. The use of AI by bad actors across the spectrum of cybercrime is on the rise, and as a result, credential phishing scams are becoming increasingly sophisticated. AI is effectively helping to lower the cost of phishing and increase […]Read moreAIAPACAustraliaphishing
  • 5 fast cybersecurity tips to clean up your digital lifeWith today being Identity Management Day, now is the perfect time to take stock of your online presence, update security settings, and ensure that your personal data remains protected from cyber threats like phishing. We’re also seeing increasing concerns of DeepSeek and other AI tools around data privacy making these kinds of attacks more successful […]Read morebest practices
  • Navigating the PCI DSS 4.0 transition and meeting compliance with phishing-resistant YubiKeysIn just a few days, on March 31, 2025, decision makers in industries that involve payment processing – including financial services, retail & hospitality and telecommunications – are tasked to finalize the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0. This deadline marks a critical juncture for all organizations handling payment card […]Read moreNISTPCI DSSPCI DSS 4.0