In the past, the only way to log into Lizzy was with an email address and password. However, due to the number of users we know to have used insecure passwords, we’ve decided to add support for the Yubikey brand security keys available at Yubikey.com. These keys can be placed on a keychain or strapped around your wrist in order to login to Lizzy without typing anything at all. You simply slide your key into the usb slot on the computer you wish to log into and press the button. Lizzy will then lookup the key to see who it belongs to and verify the encryption key it generates in order to determine if its a valid login.
You are then instantly logged in, and in the most secure way possible. Because the encryption key changes its password on regular intervals and utilizes a much longer password than most of your employees do, its much more difficult to bypass or guess. Another advantage to the Yubikey activation is that once you use one, Lizzy will disable your primary email address and password login credentials, so that the more secure mechanism for gaining access to your database is all that is available.
We don’t remove those logins totally and can reactivate them in the event you loose your key, but it does provide a much more secure way to access and protect your databases.
nizeX, Inc has been using the Yubikeys for development for years and recently decided to push it into the day to day processes for our Lizzy users in order to provide them an extra layer of security if they wish.
If you’re interested in purchasing a yubikey to try out, visit the link above and get as many as you need. There is a video in the Lizzy Learning Center on activating your Yubikey that will walk you through how to get started.