-
Protect the Digital You with the most secure and easy-to-use security key.
Proven security at scale
Stop account Takeovers
YubiKeys are trusted by the world’s largest companies and users have experienced 0 account takeovers.
Easy to Setup and Support
It’s as easy as USB! Access your accounts 4x faster than other 2FA, and cut support calls by 92%
Purpose-built for Security
Unlike other 2FA, YubiKeys store no data, no network connection, and don’t run on software.
One key for many applications
The YubiKey works with hundreds of enterprise, developer and consumer applications, out-of-the-box and with no client software. Combined with leading password managers, social login and enterprise single sign on systems the YubiKey enables secure access to millions of online services.
How it works
A single YubiKey has multiple functions for securing your login to email, online services, apps, computers, and even physical spaces. Use any YubiKey feature, or use them all. The versatile YubiKey requires no software installation or battery so just plug it into a USB port and touch the button, or tap-n-go using NFC for secure authentication.
Register your YubiKey
To use the YubiKey, go to the Security Settings of a supported service and select two-factor authentication.
Insert YubiKey & tap
On a computer, insert the YubiKey into a USB-port and touch the YubiKey to verify you are human and not a remote hacker.
Tap on phone
For NFC-enabled phones, just tap your NFC-enabled YubiKey against the phone to complete authentication.
Multi-protocol security key secures modern and legacy systems
The YubiKey supports WebAuthn/FIDO2, FIDO U2F, one-time password (OTP), OpenPGP 3, and smart card authentication offering a solution that bridges legacy and modern applications. Yubico and the YubiKey will continue to grow with your evolving business needs.
The YubiKey supports one-time passcodes (OTP)
OTP supports protocols where a single use code is entered to provide authentication. These protocols tend to be older and more widely supported in legacy applications. The YubiKey communicates via the HID keyboard interface, sending output as a series of keystrokes. This means OTP protocols can work across all OSs and environments that support USB keyboards, as well as with any app that can accept keyboard input.
The YubiKey enables smart card authentication
Smart cards are another supported protocol on the YubiKey. The YubiKey identifies itself as a smart card reader with a smart card plugged in so it will work with most common smart card drivers. The YubiKey allows three different protocols to be used simultaneously – PIV, as defined by the NIST standard for authentication; OpenPGP for encryption, decryption, and signing; and OATH, for client apps like Yubico Authenticator.
Enable modern authentication with FIDO U2F
FIDO U2F is another protocol supported by the YubiKey. The U2F protocol provides strong authentication without requiring a complex backend or framework to support it. Turning traditional authentication on its head, FIDO U2F makes the authentication device, like the YubiKey, the authentication provider. It issues unique keys to the services it is authenticating against, ensures each service does not have any information about the others, and removes the need for a central authentication service.
Experience passwordless authentication with FIDO2
FIDO2 is the passwordless evolution of FIDO U2F. The overall objective for FIDO2 is to provide an extended set of functionality to cover additional use cases, with the main driver being passwordless login flows. The U2F model is still the basis for FIDO2 and compatibility for existing U2F deployments is provided in the FIDO2 specs.
Get world class authentication security
For less than a cup of coffee per user/month
Get Started
Find the right Yubikey
Take the quick Product Finder Quiz to find the right key for you or your business.
FAQs
How does YubiKey actually work? ›
The YubiKey is a device that makes two-factor authentication (2FA) as simple as possible. Many apps, online services, and computers enforce 2FA every time a user wants to connect. Instead of a code being texted to you or generated by an authenticator app, you press a button on your YubiKey, and you're logged in.
How does the Yubico key work? ›The YubiKey supports one-time passcodes (OTP)
The YubiKey communicates via the HID keyboard interface, sending output as a series of keystrokes. This means OTP protocols can work across all OSs and environments that support USB keyboards, as well as with any app that can accept keyboard input.
During credential registration, a new key pair is randomly generated by the YubiKey, unique to the new credential. The private key, along with some metadata about the credential, is encrypted using authenticated encryption with a master key.
Does a YubiKey need to be plugged in all the time? ›No, you only need to insert your yubikey when you are prompted to do so during login. Leaving it plugged in could result in the yubikey being lost or damaged. Q. I have already set up a security question.
Does YubiKey work without Internet? ›The YubiKey is crush-resistant and water-resistant. It requires no battery or cellular network connectivity and its simple touch authentication is four times faster than typing a One Time Password.
How long will a YubiKey last? ›A Yubikey will essentially last forever, and if you stay clear of the insanity that is Passkeys its Webauthn element can support an infinite number of websites. Portability: I have a smartphone, a work laptop, a home laptop, and a home desktop. My Yubikey has USB and NFC, so it can trivially be used with all of them.
What is YubiKeys secret? ›A Yubico OTP (one-time password) is a unique 44-character string that is generated by the YubiKey when it is touched (while plugged into a host device over USB or Lightning) or scanned by an NFC reader.
What happens if someone steals my YubiKey? ›So, what happens if you lose your YubiKey? In that case, you can still use your Authenticator app (phew!). While you can't create a backup YubiKey, you can always contact Yubico to get a replacement key.
How long is YubiKey valid? ›However, considering a YubiKey being used five times a day, 365 days per year, it will take 18 years for the counter to get stuck. Furthermore, as this counter only increment the first time after power up / reset, the practical lifetime is even longer.
Why is YubiKey so expensive? ›It is costly to design, mould, manufacture, sell and support a hardware product, even something as small as this. Since you don't want your 2FA company to go out of business there is good value in knowing they have a stable business model that can actually support a company rather than just burning capital.
How many passwords does YubiKey hold? ›
OATH-TOTP - the YubiKey 5's OATH application can hold up to 32 OATH-TOTP credentials (AKA authenticator codes). OTP - this application can hold two credentials, can be registered with an unlimited number of services. The OTP application comes with: Yubico OTP.
Does YubiKey run out of battery? ›The YubiKey will never run out of batteries (there are none!) You don't need to read a 6 digit number and enter it manually which is prone to error and can be difficult depending on how good your eyesight is (am I getting old? :-))
Do I have to use YubiKey every time? ›YubiKeys and Security Keys:
Eliminate the need to reach for your phone to open an app, or memorizing and typing in a code—simply touch the YubiKey to verify and you're in. Are trusted—You don't need to use the YubiKey every time you log in. Once an app or service is verified, it can stay verified.
If a YubiKey is connected to a host over USB or Lightning, slot activation occurs when the key is touched, and the duration of touch determines which slot is activated. If a YubiKey is scanned by an NFC reader, the slot that is pointed to by the OTP application's NDEF tag will activate.
Does YubiKey remember passwords? ›The OTP application slots on the YubiKey are capable of storing static passwords in place of other configurations.