IBM Vault vs. Yubico YubiKeys

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
IBM Vault
Score 8.7 out of 10
N/A
IBM Vault (formerly Hashicorp Vault) is an encryption tool for managing secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.
$0.03
Yubico YubiKeys
Score 9.1 out of 10
N/A
Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.
$3.94
per month per user
Pricing
IBM VaultYubico YubiKeys
Editions & Modules
Cloud - HCP Vault
$0.03/hr
Open Source
Free
Enterprise
Contact sales team
No answers on this topic
Offerings
Pricing Offerings
IBM VaultYubico YubiKeys
Free Trial
NoNo
Free/Freemium Version
YesNo
Premium Consulting/Integration Services
NoYes
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
IBM VaultYubico YubiKeys
Best Alternatives
IBM VaultYubico YubiKeys
Small Businesses
Keeper
Keeper
Score 6.5 out of 10
WatchGuard AuthPoint
WatchGuard AuthPoint
Score 9.0 out of 10
Medium-sized Companies
Keeper
Keeper
Score 6.5 out of 10
Cisco Duo
Cisco Duo
Score 9.5 out of 10
Enterprises
Delinea Secret Server
Delinea Secret Server
Score 7.8 out of 10
Cisco Duo
Cisco Duo
Score 9.5 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
IBM VaultYubico YubiKeys
Likelihood to Recommend
8.0
(7 ratings)
9.1
(109 ratings)
Likelihood to Renew
10.0
(1 ratings)
8.5
(8 ratings)
Usability
9.0
(3 ratings)
8.3
(6 ratings)
Availability
-
(0 ratings)
9.9
(2 ratings)
Performance
-
(0 ratings)
9.9
(2 ratings)
Support Rating
6.3
(3 ratings)
6.4
(1 ratings)
Implementation Rating
-
(0 ratings)
8.3
(4 ratings)
Configurability
-
(0 ratings)
10.0
(1 ratings)
Ease of integration
-
(0 ratings)
10.0
(1 ratings)
Product Scalability
-
(0 ratings)
9.0
(2 ratings)
User Testimonials
IBM VaultYubico YubiKeys
Likelihood to Recommend
IBM
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
Read full review
Yubico
Great for securing admin accounts, VPN access, and anything exposed to phishing. They’re especially useful in environments pushing toward passwordless auth methods. Less ideal for very large rollouts without solid user training, or for legacy apps that don’t support modern auth, as they can add a bit of friction there.
Read full review
Pros
IBM
  • The HTTP API you use to write and read secrets is open and can be used by any application.
  • It keeps our sensitive data/credentials out of our GitLab repositories.
  • Sealing and unsealing the Vault on demand adds an additional layer of security.
Read full review
Yubico
  • The durability and reliability of the Yubico YubiKeys is unmatched, making me feel safe to carry it with me on a keychain and have it accessible.
  • I'm confident in the hardware security of the Yubico YubiKeys, knowing that the key material is well protected and that tampering with the key would leave obvious traces. This makes key revocation decisions intuitive.
  • The ease of use of the Yubico YubiKeys for power users like myself is unmatched, and easy to train "less power" users on. The broad platform compatibility that Yubico was essential to is a huge driver here.
Read full review
Cons
IBM
  • Session Management is terrible to manage
  • Monitoring is hard and not enough information
  • User management
  • Configuration is too complex
  • More user friendly UI
Read full review
Yubico
  • Occasionally, once or twice it might happen that I would press the key, but it'll not detect that I pressed the key. So I'd have to press it again, but that's just occasionally, sometimes. So maybe even if the key was a little bit bigger and I've detected that, I would've pressed it. But apart from that, I think it's pretty good.
Read full review
Likelihood to Renew
IBM
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
Read full review
Yubico
As for implementing YubiKey its simple so I don't see us using anything else as we have experienced no issues so fare. Adding these to our environment is still new for us currently but in the transition phase I only see us buying YubiKey. It is highly rated and well known and cost is reasonable so no need to find another solution.
Read full review
Usability
IBM
We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
Read full review
Yubico
I give slightly better than average rating because of the complexity in using a Yubikey. It is not as easy as native push notifications for 2FA products, however, it provides much better strength. Rating this higher or lower would be a disservice to people reading this review. If you are in the market for a hardware 2FA tool, Yubikey will be a great asset in your toolbox.
Read full review
Reliability and Availability
IBM
No answers on this topic
Yubico
We have not experienced any issues with availability which is very important when you are dealing with a company that holds the keys to the gate. We have had more issues with availability from our SaaS providers before with authentication but that was on their end. YubiKey has worked every time for us over the course of the last 6 or so months we began testing phase.
Read full review
Performance
IBM
No answers on this topic
Yubico
We have not seen any lag in loading pages and getting into systems or sites. In comparison to other 2FA and MFA options it is actually faster most of the time to authenticate due to not having to type in. We require users to have long passwords and when there is an option given for password less they jump on it with excitement. As we explore going password less on their PC's the YubiKey is going to make their lives a lot easier to access the resources they need.
Read full review
Support Rating
IBM
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Read full review
Yubico
We have only interacted with support once but it was quick and easily answered. Mostly just questions regarding adding this to certain apps.
Read full review
Implementation Rating
IBM
No answers on this topic
Yubico
I figured it all out on my own with the excellent product documentation provided by Yubico. I even managed to produce a backup YubiKey in case I lost my frequently used one. This was crucial when I temporarily lost the original.
Read full review
Alternatives Considered
IBM
HashiCorp Vault is way better than Azure Key Vault; it has more features and it goes beyond a key-value secret store.
Read full review
Yubico
Yubico YubiKeys has been a leader in the security key market, and I think they have a new product we just read about two days back and they can store up to a hundred private keys now. So I think this is what it distinguishes them from the market, apart from this, whatever features we need personally and for our customers. So they provide all those features, but versus the other brands.
Read full review
Scalability
IBM
No answers on this topic
Yubico
For us I feel like the ease of deployment has made this product very appealing, overall this will make the scalability very easy for us to push out once we roll out to our users and the management tools that we have looked at will make the admins like me happy as it is clear and easy to use. The rollout process looks to be very straight forward from the demos that we have looked at regarding the enterprise tools.
Read full review
Return on Investment
IBM
  • Helped us reach our security compliance goals.
  • Helped us strengthen our security position in our infrastructure by improving on poor secret management practices.
Read full review
Yubico
  • With Yubico YubiKeys, we no longer worry about unauthorized access to business data/resources, which saves us money and protects our business reputation.
  • Fast authentication using MFA and tap-and-go passwordless features ensures a better user experience and fast access.
  • Since we have a hybrid workforce, Yubico YubiKeys make it possible to secure our remote work.
Read full review
ScreenShots

IBM Vault Screenshots

Screenshot of an example of writing a secret to Vault. Secrets are always encrypted and written to backend storage.Screenshot of the secrets menu to manage integrated secrets engines. Secrets Engines are components which store, generate, or encrypt data and are enabled at a path in Vault.Screenshot of where vault identity has support for groups. A group can contain multiple entities as its members. A group can also have subgroups.Screenshot of HCP Vault, which provides all of the power and security of Vault, without the complexity and overhead of managing it yourself.Screenshot of where to view entity client and non-entity client counts.Screenshot of MFA is built on top of the Identity system of Vault.