TrustRadius: an HG Insights company

Yubico YubiKeys

Score9.2 out of 10

148 Reviews and Ratings

Learn More

Contact about Yubico YubiKeys

Please fill out the form below to get in touch.

Yubico

Connect with Yubico

What are you interested in?

Already have an account?

You hereby consent to have TrustRadius share the information supplied on this form with Yubico so that Yubico and TrustRadius may contact you in regard to the information requested.

What is Yubico YubiKeys?

Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.

Categories & Use Cases

Reviews

What users are saying about Yubico YubiKeys.
View all reviews

My Experience With Yubico YubiKeys.

Incentivized
Regan Zizzi
Network Engineer in Information Technology at OV Energy S.p.A. (51-200 employees employees)

Use Cases and Deployment Scope

With Yubico YubiKeys, we've effectively reduced security breaches thanks to the phishing-resistant MFA solution. We have this security solution deployed company-wide, and it prevents account takeovers and ensures compliance with Zero Trust security standards. In addition, Yubico YubiKeys provide fast, secure access thanks to their tap-and-go (passwordless) authentication, improving the user experience.

Pros

  • Phishing resistance works really well.
  • It reduces breach risks by up to 99%.
  • It effectively blocks and stops account takeovers.
  • The MFA is fast and reliable.
  • Passwordless Access works really well - better user experience.

Cons

  • Besides lost keys risks, everything else about Yubico YubiKeys has been smooth.

Most Important Features

  • MFA is fast, reliable and phishing resistant.
  • Tap-and-go ensures fast access and better user experience.
  • Supports privileged access management.

Return on Investment

  • With Yubico YubiKeys, we no longer worry about unauthorized access to business data/resources, which saves us money and protects our business reputation.
  • Fast authentication using MFA and tap-and-go passwordless features ensures a better user experience and fast access.
  • Since we have a hybrid workforce, Yubico YubiKeys make it possible to secure our remote work.

Other Software Used

Avast Email Security, FortiPAM

Yubico YubiKeys Review

Incentivized
Alan Gin
Co-founder and CEO in Corporate at ZeroDown® Software (11-50 employees employees)

Use Cases and Deployment Scope

We're using it for MFA in the business, using it primarily with a password manager, to generate passwords, long and encrypted passwords, and then also to help us protect us with email.

Pros

  • Peace of mind for security, and not worried about whether or not the public key and private key is going to work. Provides another level of confidence for MFA

Cons

  • I can't think of anything.

Return on Investment

  • That's a tough question because right now we haven't had any problems since using it. Again, using with our password managers has just been pretty clean. I haven't had anybody object to using it. They all think it's cool. It could be because they're a bunch of nerds yet.

Other Software Used

Bitwarden, LastPass for Business

YubiKeys - highly recommended

Daan Kets
Managing Partner in Corporate at Delta Source (11-50 employees employees)

Use Cases and Deployment Scope

We use YubiKeys to secure our access to various cloud platforms with hardware backed passkeys. This creates trust with the customers we service, and ensures that we can recuperate credentials from members that leave our organization. The advantage is that we do not have to rely on additional software and that the YubiKeys are standards compliant. They are also extremely resilient. We used the first generation of keys originally, and almost all of them are still working fine. For us, the one-time cost of a YubiKey is an especially good investment vs the recurring cost of other tooling.

Pros

  • Key management tooling is great and well maintained
  • The form factor is superb
  • Standards compliance
  • Super resilient

Cons

  • The old YubiKey Nanos had a hole for a lanyard, the new ones no longer have that.
  • A quick way to identify the YubiKey by a name would be great

Most Important Features

  • WebAuthN support
  • PKCS11 compliant

Return on Investment

  • Serious risk reduction
  • Less support needed for customers that use YubiKeys
  • Certainty that certain credentials can never be copied

Alternatives Considered

1Password

Fast and Secure Way to MFA - and Password-less, Too!

Incentivized
Verified User
Consultant in Customer Service (10,001+ employees employees)

Use Cases and Deployment Scope

Yubico YubiKeys are an essential part of our logins. When hired, every employee in my business unit receives a YubiKey 5c Nano along with their laptop. Since we are a hybrid workforce and many of us work from home, this allows us to log in with phishing-resistant MFA to all of our SaaS applications that are protected by Duo. Since WebAuthn is the standard from the start, this ensures that the highest level of protection is enforced from an authentication perspective. This has solved the issue of wondering whether or not users are logging in securely from disparate locations. It is also easy for users to authenticate with the tap of a finger to access critical applications - even in a Passwordless workflow!

Pros

  • Ease of use
  • Multiple authentication protocols
  • Cross-compatibility

Cons

  • Reduce the cost of keys
  • Honestly, Yubico YubiKeys are great and have all the features we need
  • No other criticisms - it just works!

Most Important Features

  • Multiple authentication methods supported (FIDO2 + AES/OTP)
  • Ease of use
  • Provisioning/user onboarding

Return on Investment

  • Reducing breaches (phishing-resistant MFA)
  • Passwordless (quicker, easier, safer logins)
  • End user self-enrollment (no administrative setup for WebAuthn)

Alternatives Considered

Cisco Duo

Other Software Used

Cisco Duo, Google Chrome, FreeRADIUS

Yubico YubiKeys Review

Incentivized
Verified User
Director in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

Our organization prioritizes security at all levels, especially for accounts with sensitive access. We've strategically integrated YubiKeys into our authentication processes to protect both IT operations and high-profile individuals like our CEO, CFO, and sales team. These hardware tokens address multiple critical business security needs: Phishing Defense: Passwords are inherently vulnerable to phishing attacks. YubiKeys provide a phishing-resistant layer of security, guarding against unauthorized access even if credentials are compromised. Mitigating Account Takeovers: YubiKeys significantly decrease the risk of account takeovers. This is a major benefit for privileged users and employees handling sensitive data. Streamlined Admin Access: Our IT administrators use YubiKeys for simplified, secure logins to privileged Microsoft accounts and critical firewalls. Scope of Use: We've implemented YubiKeys across our IT administrator team and for high-profile end users with elevated access requirements. This provides robust protection for essential infrastructure and sensitive company data. We aim to expand YubiKey adoption throughout the organization in the future for maximum security coverage.

Several years later and these YubiKeys are still going strong. We've not encountered any issues, and they've been through the wringer (literally - several been through several washing machine cycles).

Pros

  • Ensure we extend the security to cover physical (what you have).
  • Ties into many third party OATH solutions out of the box.
  • Provides robust defense against man in the middle attacks by ensuring our encryption layers are secure.

Cons

  • Key recovery with the onboard chip requires a third party toolkit.

Most Important Features

  • Physical security

Return on Investment

  • Additional overhead requiring access the the physical token has been a bit difficult selling point.

Other Software Used

Fortinet FortiGate, Mimecast Email Security Cloud Integrated, Microsoft 365