Okta is an enterprise grade identity management service, built in the cloud. IT can manage access across any application, person or device. Whether the people are employees, partners or customers or whether the applications are in the cloud, on premises or on a mobile device, Okta helps IT become more secure and maintain compliance. The Okta service provides directory services, single sign-on, authentication, provisioning, workflow, and built in reporting. ment systems.
$2
Per User Per Month
Yubico YubiKeys
Score 9.3 out of 10
N/A
Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.
They offer ways to store passwords or MFA support, but most need a root password. In addition, LastPass and 1Password do not have much support for MFA. This results in a lack of MFA support. For Okta, although it offers MFA and SSO, the OTP can be very annoying to have as I do …
RSA token is another option used by many organizations. I think there is a definite benefit to soft tokens, but there's an inherent problem with them as well. If you have to reset your phone, you lose the ability to use that soft token until you set it up again, thus making …
Should be well-suited for a SaaS business organisation as they have a lot of internal applications and need a role-based authentication system between the various teams, improving security and audit log system to account for any breaches. It integrates well with internal applications such as Salesforce and Oracle. Best when need of SSO.
Yubico YubiKeys will likely always be my default recommendation for hardware security keys. It's well suited for environments where key portability is necessary, and for privileged environments where step-up or separate authentication hardware benefits the situation. For example, I can step up my Microsoft rights through PIM, but I'm required to use a Yubico YubiKey (AAGUID filter) even if I'm already using Windows Hello. This means that accessing my workstation doesn't grant rights, accessing my device AND my Yubico YubiKey does. I wouldn't necessarily recommend deploying Yubico YubiKeys to entire user populaces unless the situation calls for it (shared workstations, compliance environments, etc.). This is primarily centered around user training (which is a low bar, but still different), and dealing with loss (you'll want to budget for a % of key loss and be ready to rapidly issue replacements).
So as I said, the second-factor authentication that it does is really well. The response time is really good and all you have to do is just enter the second factor code and that's about it. Right? So that's the good part about using Yubico YubiKeys.
I do have to reset my password quite frequently. However, I don't think there is really a way to improve this, as it's a good security measure.
It makes me re-sign in a couple of times a day, sometimes if I haven't used my laptop for a couple of hours, and sometimes just randomly throughout the day.
It doesn't remember my devices, either my laptop or phone. so it always calls that out.
It can be about access control because either right now it's just you have access or you don't have access. I think there can be a use case where you are allowed a particular set of servers and not a particular set of servers. I think maybe it's there or we don't use it, but I haven't seen that. I think I've used Yubico YubiKeys at two companies and I haven't seen that. Maybe that's something that can be added.
Okta has a passion to provide secure and scalable identity solution. Their passion has come across as advocacy in a way that has deepened my knowledge of the field of authentication. I took identity for granted before but after seeing features such as external authentication I know that Okta can enable my business to reach new heights
As for implementing YubiKey its simple so I don't see us using anything else as we have experienced no issues so fare. Adding these to our environment is still new for us currently but in the transition phase I only see us buying YubiKey. It is highly rated and well known and cost is reasonable so no need to find another solution.
I give slightly better than average rating because of the complexity in using a Yubikey. It is not as easy as native push notifications for 2FA products, however, it provides much better strength. Rating this higher or lower would be a disservice to people reading this review. If you are in the market for a hardware 2FA tool, Yubikey will be a great asset in your toolbox.
The Okta Identity Cloud advertises 4 9's of reliability and I would go as far to say that it may even do better than that. As a true Global organization that operates in just about every region of the world, we have yet to have an issue with The Okta Identity Cloud that has impacted our business operations.
We have not experienced any issues with availability which is very important when you are dealing with a company that holds the keys to the gate. We have had more issues with availability from our SaaS providers before with authentication but that was on their end. YubiKey has worked every time for us over the course of the last 6 or so months we began testing phase.
From my perspective, for the things that my group uses it for, Okta is very fast. It is as least as fast as the local password database methods that it replaces on our campus enterprise services. I do not believe that it slows anything down at all. In fact, not having to think too much about the login, because they all look the same, probably speeds things up somewhat.
We have not seen any lag in loading pages and getting into systems or sites. In comparison to other 2FA and MFA options it is actually faster most of the time to authenticate due to not having to type in. We require users to have long passwords and when there is an option given for password less they jump on it with excitement. As we explore going password less on their PC's the YubiKey is going to make their lives a lot easier to access the resources they need.
We've had a few support cases over the years and every case has been handled by the Okta support team beautifully. We received clear answers to questions we had regarding setup and even were provided simple to follow guides on how to setup their product to use with custom applications.
I figured it all out on my own with the excellent product documentation provided by Yubico. I even managed to produce a backup YubiKey in case I lost my frequently used one. This was crucial when I temporarily lost the original.
Okta is far superior in terms of integrations, user interface, automation, and connectivity. Additionally, Okta offers better support and availability, and a more robust solution across every capacity Entra competes in. Okta simply works, whereas Microsoft Entra has a large overhead that is difficult to use when configuring things.
Yubico YubiKeys has been a leader in the security key market, and I think they have a new product we just read about two days back and they can store up to a hundred private keys now. So I think this is what it distinguishes them from the market, apart from this, whatever features we need personally and for our customers. So they provide all those features, but versus the other brands.
Being a cloud native application, The Okta Identity Cloud is extremely scalable and easy to setup. By integrating into existing directories and applications via standard techniques and protocols, it is very easy to both initially setup and add additional users as required. Once all the necessary integrations are setup, it's a simple rinse and repeat process to onboard additional users (which can be automated with imports as well)
For us I feel like the ease of deployment has made this product very appealing, overall this will make the scalability very easy for us to push out once we roll out to our users and the management tools that we have looked at will make the admins like me happy as it is clear and easy to use. The rollout process looks to be very straight forward from the demos that we have looked at regarding the enterprise tools.
Increased user productivity - not fighting with IT all the time!
Though there could be a bit more on the 'lost/broken phone' front, the self-service eliminates time that would typically be spent waiting for IT support/admins.
An Okta account under a certain domain allows proper access from the get-go, and under certain apps (such as our HRIS), adding members is easy.
Improved security - deactivating Okta removes all account access across multiple platforms instantly for leavers.
I think it's the flexibility in being able to let users pick the type of authentications that they want to use. Some are comfortable with the touch device on the physical Yubico YubiKeys. Others prefer the mobile app. So it provides flexibility for our users to choose how they want to authenticate without running a file of our security requirements.
