Hardware-based password-less authentication
May 06, 2021

Hardware-based password-less authentication

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Yubico

Currently, we use Yubico as a single sign-on solution for our administrators. We recently migrated to Azure AD and Yubikey 5 supports passwordless authentication which is a big plus. We are investigating whether a rollout to all users would be beneficial. This will depend on business decisions of device types that we are going to support and where the key works.
  • Passwordless authentication
  • Hardware-based tokens
  • Support NFC and USB
  • NFC cannot be used reliably when on a keychain, phones do not detect it properly anymore.
  • In fact you need two keys for backup purposes and that can be expensive.
  • Combination of work/private use of Yubikeys.
  • Not firmware updatable.
  • Ease of use for the end user.
  • Hardware based authentication.
  • Support of password-less authentication.
  • Better security for privileged accounts.
  • Investment is overseeable.
Hardware-based authentication is much better than software-based because it cannot be forged. Also, users lose their software authenticators when they move to a new phone. Yubikey always works, does not need a battery, and is built around safety. The protocol is well defined and supports multiple standards.

Do you think Yubico YubiKeys delivers good value for the price?

Yes

Are you happy with Yubico YubiKeys's feature set?

Yes

Did Yubico YubiKeys live up to sales and marketing promises?

Yes

Did implementation of Yubico YubiKeys go as expected?

Yes

Would you buy Yubico YubiKeys again?

Yes

It is well suited when a hardware authentication factor is needed or desired. The drawback is that you physically need to have it with you and that you may receive prompts to insert/use the key on devices that do not support it or cannot read the key due to no NFC or USB being present.