June 22, 2016 10:39 ET

GitLab Expands Authentication Capabilities, Adding Support for U2F and YubiKey Through Partnership With Yubico

New Offering Gives Developers the Ability to Securely Access Any Number of Online Services, With One Single Device

SAN FRANCISCO, CA and PALO ALTO, CA--(Marketwired - Jun 22, 2016) - Today GitLab, the open source code collaboration tool that allows developers to code, test and deploy together, expanded its authentication capabilities for the enterprises via a partnership with Yubico. GitLab now supports the FIDO Universal 2nd Factor (U2F) protocol for user authentication with the added layer of hardware security from YubiKey. U2F changes the game for online authentication as it uses public key cryptography and has built-in support to prevent phishing. This higher level of authentication enables organizations and individual developers to maintain the security of their servers, code, sites, and more from a single source.

With the steady rise of new devices and the growing capabilities of existing ones, the average user logs into networks, applications, or platforms from a variety of different devices. While device flexibility is great from a user perspective, it represents significant security challenges for organizations and developers. Each new access point makes it tougher to fend off malicious attacks particularly phishing while maintaining the integrity of accounts and systems.

GitLab's VP of Engineering, Stan Hu, said, "GitLab and Yubico recognize the importance of security and are excited to be able to provide additional security measures for GitLab customers. GitLab has long supported two-factor authentication via a mobile application, but adding U2F support with YubiKey now provides an additional level of security. GitLab customers will have the option to choose which method of authentication is best for them."

The new YubiKey offering reduces the number of steps coders must take to access their accounts, while maintaining usability and providing secure authentication with just a touch of the YubiKey. With U2F, GitLab customers can now authenticate by inserting their YubiKey into the USB port when prompted. The customer activates their YubiKey by simply pressing the button on the device, then instantly, the YubiKey securely authenticates the user into the account.

The same U2F YubiKey that works with GitLab also works for logging into a growing number of other services, including Google, Dropbox, and Dashlane, without any personal data or encryption secrets shared between service providers. With YubiKeys, there are no drivers or client software to install.

Jerrod Chong, VP of Solutions Engineering at Yubico, says, "GitLab is making a strong statement with their support for U2F, providing their user community with the highest level of account security by enabling YubiKey's U2F capabilities."

Stan Hu, GitLab's VP of Engineering, said, "We are committed to securing our user's work with proven, seamless solutions. Supporting YubiKey for two-factor authentication is a logical step towards that goal."

About GitLab

Founded in 2014, GitLab, Inc. is the open source code collaboration platform that provides a complete workflow to create, review, and deploy code simply and effectively. Downloaded over one million times, GitLab includes Git repository management, code review, issue tracking, wikis and GitLab CI, a continuous integration and deployment tool. Built for the enterprise, GitLab scales effortlessly, handling more than 25,000 users on a single server. GitLab provides companies from startups to Fortune 500 enterprises with a faster and more effective development environment. More than 100,000 organizations all over the globe currently use GitLab on premises including NASA, CERN, Alibaba, SpaceX, O'Reilly, IBM and Expedia. Follow @GitLab on Twitter or learn more it at

About Yubico

Yubico sets new world standards for simple, secure login, preventing unauthorized access to computers, servers, and internet accounts.

Supporting multiple authentication and encryption protocols on all devices and platforms, YubiKeys protect access to user accounts for the world's largest enterprises with a simple touch, and with no driver or client software needed. Yubico is a leading contributor to the FIDO Universal 2nd Factor open authentication standard, and Yubico's technology is used, and loved, in more than 150 countries.

Founded in 2007, Yubico is privately held with offices in Palo Alto (California), Seattle (Washington), Stockholm (Sweden), and London (UK). For more information, please visit