TrustRadius: an HG Insights company

Yubico YubiKeys

Score9.2 out of 10

147 Reviews and Ratings

Learn More

Contact about Yubico YubiKeys

Please fill out the form below to get in touch.

Yubico

Connect with Yubico

What are you interested in?

Already have an account?

You hereby consent to have TrustRadius share the information supplied on this form with Yubico so that Yubico and TrustRadius may contact you in regard to the information requested.

What is Yubico YubiKeys?

Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.

Categories & Use Cases

Reviews

What users are saying about Yubico YubiKeys.
View all reviews

Yubico YubiKeys Review

Incentivized
Alan Gin
Co-founder and CEO in Corporate at ZeroDown® Software (11-50 employees employees)

Use Cases and Deployment Scope

We're using it for MFA in the business, using it primarily with a password manager, to generate passwords, long and encrypted passwords, and then also to help us protect us with email.

Pros

  • Peace of mind for security, and not worried about whether or not the public key and private key is going to work. Provides another level of confidence for MFA

Cons

  • I can't think of anything.

Return on Investment

  • That's a tough question because right now we haven't had any problems since using it. Again, using with our password managers has just been pretty clean. I haven't had anybody object to using it. They all think it's cool. It could be because they're a bunch of nerds yet.

Other Software Used

Bitwarden, LastPass for Business

YubiKeys - highly recommended

Daan Kets
Managing Partner in Corporate at Delta Source (11-50 employees employees)

Use Cases and Deployment Scope

We use YubiKeys to secure our access to various cloud platforms with hardware backed passkeys. This creates trust with the customers we service, and ensures that we can recuperate credentials from members that leave our organization. The advantage is that we do not have to rely on additional software and that the YubiKeys are standards compliant. They are also extremely resilient. We used the first generation of keys originally, and almost all of them are still working fine. For us, the one-time cost of a YubiKey is an especially good investment vs the recurring cost of other tooling.

Pros

  • Key management tooling is great and well maintained
  • The form factor is superb
  • Standards compliance
  • Super resilient

Cons

  • The old YubiKey Nanos had a hole for a lanyard, the new ones no longer have that.
  • A quick way to identify the YubiKey by a name would be great

Most Important Features

  • WebAuthN support
  • PKCS11 compliant

Return on Investment

  • Serious risk reduction
  • Less support needed for customers that use YubiKeys
  • Certainty that certain credentials can never be copied

Alternatives Considered

1Password

Fast and Secure Way to MFA - and Password-less, Too!

Incentivized
Verified User
Consultant in Customer Service (10,001+ employees employees)

Use Cases and Deployment Scope

Yubico YubiKeys are an essential part of our logins. When hired, every employee in my business unit receives a YubiKey 5c Nano along with their laptop. Since we are a hybrid workforce and many of us work from home, this allows us to log in with phishing-resistant MFA to all of our SaaS applications that are protected by Duo. Since WebAuthn is the standard from the start, this ensures that the highest level of protection is enforced from an authentication perspective. This has solved the issue of wondering whether or not users are logging in securely from disparate locations. It is also easy for users to authenticate with the tap of a finger to access critical applications - even in a Passwordless workflow!

Pros

  • Ease of use
  • Multiple authentication protocols
  • Cross-compatibility

Cons

  • Reduce the cost of keys
  • Honestly, Yubico YubiKeys are great and have all the features we need
  • No other criticisms - it just works!

Most Important Features

  • Multiple authentication methods supported (FIDO2 + AES/OTP)
  • Ease of use
  • Provisioning/user onboarding

Return on Investment

  • Reducing breaches (phishing-resistant MFA)
  • Passwordless (quicker, easier, safer logins)
  • End user self-enrollment (no administrative setup for WebAuthn)

Alternatives Considered

Cisco Duo

Other Software Used

Cisco Duo, Google Chrome, FreeRADIUS

Yubico YubiKeys Review

Incentivized
Verified User
Director in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

Our organization prioritizes security at all levels, especially for accounts with sensitive access. We've strategically integrated YubiKeys into our authentication processes to protect both IT operations and high-profile individuals like our CEO, CFO, and sales team. These hardware tokens address multiple critical business security needs: Phishing Defense: Passwords are inherently vulnerable to phishing attacks. YubiKeys provide a phishing-resistant layer of security, guarding against unauthorized access even if credentials are compromised. Mitigating Account Takeovers: YubiKeys significantly decrease the risk of account takeovers. This is a major benefit for privileged users and employees handling sensitive data. Streamlined Admin Access: Our IT administrators use YubiKeys for simplified, secure logins to privileged Microsoft accounts and critical firewalls. Scope of Use: We've implemented YubiKeys across our IT administrator team and for high-profile end users with elevated access requirements. This provides robust protection for essential infrastructure and sensitive company data. We aim to expand YubiKey adoption throughout the organization in the future for maximum security coverage.

Several years later and these YubiKeys are still going strong. We've not encountered any issues, and they've been through the wringer (literally - several been through several washing machine cycles).

Pros

  • Ensure we extend the security to cover physical (what you have).
  • Ties into many third party OATH solutions out of the box.
  • Provides robust defense against man in the middle attacks by ensuring our encryption layers are secure.

Cons

  • Key recovery with the onboard chip requires a third party toolkit.

Most Important Features

  • Physical security

Return on Investment

  • Additional overhead requiring access the the physical token has been a bit difficult selling point.

Other Software Used

Fortinet FortiGate, Mimecast Email Security Cloud Integrated, Microsoft 365

Yubico YubiKeys are my go to for hardware security keys

Incentivized
Verified User
Director in Professional Services (1001-5000 employees employees)

Use Cases and Deployment Scope

Yubico YubiKeys are used throughout our organization, and I use them in my personal life to solve the challenges of both very strong authentication (often privileged) and portable authentication (FIDO in my pocket). Through a combination of WebAuthn credentials and X509 credentials, Yubico YubiKeys are the backbone of our most secure authentication scenarios.

I began using Yubico YubiKeys with the first gen and Yubico OTPs, but the FIDO Alliance has driven Yubico YubiKeys to be a premier tool in a broader mixed-security strategy, where secure hardware keys are used for privileged or portable secure authentication, or in step up (PAM) scenarios.

Pros

  • The durability and reliability of the Yubico YubiKeys is unmatched, making me feel safe to carry it with me on a keychain and have it accessible.
  • I'm confident in the hardware security of the Yubico YubiKeys, knowing that the key material is well protected and that tampering with the key would leave obvious traces. This makes key revocation decisions intuitive.
  • The ease of use of the Yubico YubiKeys for power users like myself is unmatched, and easy to train "less power" users on. The broad platform compatibility that Yubico was essential to is a huge driver here.

Cons

  • A more simple interface for managing resident keys would be helpful, making it easier to free up a slot when a key is no longer needed. But the core of WebAuthn makes this a challenge.
  • Color options would be nifty, not just aesthetically but also operationally. Having a "red key" for privileged would be helpful.

Most Important Features

  • WebAuthn is today's primary use factor, and is supported by all the keys.
  • X509/PIV is a second for environments that use PKI today (given proper minidriver rollouts)
  • The durability and ease of use of the key are essential for folks who will be carrying it around

Return on Investment

  • WebAuthn is an automatic security win, adding hardware keys where your security model calls for it is a natural choice. The automatic support for this makes this easy to integrate into your existing strategy at a reasonable cost/key for the quality.
  • For privileged scenarios, the risk reduction opportunity is significant. You can leverage hardware keys for privileged access that integrate well within existing identity platforms (like Microsoft) so roll-out is a simple matter of config.
  • The 6 Ps apply here, deployments must be planned carefully to ensure the impacted users are ready. Else you will see key loss, helpdesk demand, etc. Plan the deployment well so that users know what they are doing on day 1.

Other Software Used

Microsoft Entra ID, Google Identity Services, Microsoft 365