Yubico
The YubiKey from Yubico not only enables powerful two-factor authentication for your applications. Users will also find it uncomplicated and easy to use, since they can use one-touch authentication instead of typing cumbersome codes.
YubiKeys can be used to protect many different accounts – including remote access and VPN, password managers, computer log-in, Google Mail log-in, content management systems, popular online services and much more.
Advantages
The YubiKey combines a high level of security and user-friendliness with an unbeatable price-to-performance ratio. Compared with smart cards, other security tokens, mobile phones and TPMs (Trusted Platform Modules), the YubiKey offers many advantages.
- A new password for each log-in, significantly stronger than static passwords
- 6- to 32-digit one-time passwords
- Public key encryption methods
- Presence of user necessary (verifies that it is not malware)
- Hardware is protected by secure elements
- Fast authentication process with a click
- No card readers needed • No drivers or client software necessary
- One device for any number of different services
- No complications in time synchronization
- Can be used over NFC with other NFC-capable devices (except iOS devices)
- Does not require any batteries
- Waterproof and extremely break-resistant
- Weighs less than a credit card
- Can be used conveniently at all computers and can be removed from the USB port at any time
- No additional hardware needed except computer and cell phone
- Can be used by users with impaired vision
- Fast authentication process with a click
- No card readers needed No drivers or client software necessary
- One device for any number of different services
- No complications in time synchronization
- Can be used over NFC with other NFC-capable devices (except iOS devices)
- Does not require any batteries
- Waterproof and extremely break-resistant
- Weighs less than a credit card
- Can be used conveniently at all computers and can be removed from the USB port at any time
- No additional hardware needed except computer and cell phone
- Can be used by users with impaired vision
Applications
The YubiKey works with many applications out-of-the-box and without client software.
Functions
The Swiss army knife of security tokens
The YubiKey offers multiple functions for protecting your log-in.
Each YubiKey (except the blue Security Key) has 2 slots that you can configure separately with the Yubico personalization tool.
So, in practical terms, the key operates like two separate keys. (As delivered, slot 1 is configured with the Yubico OTP.)
The following functions may be available (depending on the type of YubiKey):
The YubiKey generates an encrypted password that can only be used once. A hacker would therefore need your YubiKey to generate the necessary one-time password. Yubico OTP can be used with all YubiKeys except the U2F Security Keys.
U2F is an open 2-factor authentication standard which enables secure access to any number of web-based services (such as Gmail or Dropbox) – immediately and without drivers or client software. The U2F specifications were originally developed by Google with participation by Yubico and NXP. Today, everything is managed under the auspices of the FIDO (Fast IDentity Online) Alliance. Currently, FIDO U2F only works in a Chrome browser. The feature can be used with any YubiKey except the Standard and Nano versions of the YubiKey.
The new Security Key from Yubico already supports the FIDO2 protocol.
The YubiKey generates a six or eight-digit one-time password for any service that supports OATH-HOTP. This action is event-based, so a new password is generated for each event. The OATH-HOTP feature is available for every YubiKey except the blue U2F Security Key.
The YubiKey generates a six-digit or eight-digit one-time password for any services that support OATH-TOTP. These include Microsoft Cloud accounts, Google apps, Dropbox and EverNote. A new one-time password is generated for each time interval, generally every 30 seconds. OATH-TOTP can be configured on all YubiKeys except the U2F Security Keys.
Static Password is a significant YubiKey feature that generates a 38-digit static password for logging into any application. This feature is used most often for old systems which cannot be retrofitted for other two-factor options. Static Password can be used with all YubiKeys except the U2F Security Keys. You will find instructions for configuring a static password here.
Challenge-response is best suited for offline authentication and can be used for Windows, Mac or Linux. Challenge-response is supported by all YubiKeys except the blue U2F Security Key. We explain how to set up challenge & response for your YubiKey in our knowledge database.
Smart cards contain a computer chip for data exchange. The YubiKey Neo also has this feature, which is based on the industry standard for PIV (Personal Identity and Verification) cards.
In the real world, documents and data are often validated by a signature. OpenPGP, a standard-based public key cryptographic method, is used to sign and to encrypt and decrypt SMS, emails and files in the virtual world.
About Yubico
As the inventor and producer of the YubiKey, Yubico has set new standards for secure log-in to the internet. The unique USB and NFC keys enable secure and easy one-touch authentication over various authentication protocols – without requiring any drivers or client software.
The YubiKey has been introduced successfully at numerous companies in 156 countries, including 8 of the top 10 internet companies. In the consumer market too, increasing numbers of users are choosing the YubiKey for its user-friendly two-factor authentication.
Yubico was founded in 2007 and has subsidiaries in Palo Alto, California, Seattle, Washington, Stockholm and London.