Overall Satisfaction with Yubico YubiKeys
I have implemented Yubikey hardware security keys for additional authentication and access control to our most sensitive IT infrastructure and accounts. Yubikeys provides multi-factor authentication, requiring users to have a physical security key, username, and password to gain access. We initially rolled out Yubikeys to our server admins and engineers who require privileged access to our production servers, databases, and network devices. Requiring the Yubikey as a second factor prevents unauthorized access if their credentials are compromised. It also protects against phishing attempts.
- Provides additional factors for authenticating against critical systems.
- Significantly reduces the chance of a successful phishing attempt.
- Can function as your primary credential for passwordless authentication.
- Extremely durable - I've had the same Yubikeys in use for years.
- Cross-platform - can be used on all mainstream operating systems and mobile devices.
- Yubikeys can get lost so you will need to plan for recovery.
- Biometric Yubikeys can be finicky so you may need a backup authentication option.
- Yubikeys can be shared or given to someone else.
- If you use them for time-based authentication, they store a limited number of codes.
- Hardware-based authentication factor that doesn't rely on someone's phone or other personal equipment.
- Easy to use and reasonably inexpensive.
- FIDO2/WebAuthn support for passwordless authentication.
- Durability
- Mobile device support.
- Reduces risk.
- Helps with security audits.
Using YubiKeys has significantly improved our organization's security posture and reduced risk exposure from various threats. As the head of IT security, I've seen firsthand the positive impact of deploying YubiKeys.By requiring a physical YubiKey as a second factor, we've made it extremely difficult for external attackers to gain access to employee accounts, even if they manage to steal passwords. Phishing campaigns and ransomware attacks are far less effective when strong multi-factor authentication exists. The YubiKeys have proven invaluable at blocking unauthorized access to our most vital infrastructure and web accounts. Even internal threats from compromised employee credentials are contained by enforcing YubiKey usage on admin accounts and privileged access workstations. Deploying YubiKeys hasn't completely removed the need to remain vigilant against emerging threats. But they have undeniably reduced our organization's exposure to identity theft, financial fraud, data breaches, and operational disruptions.
Assigning YubiKeys to users has proven to be a great opportunity to reinforce the importance of security and proper access controls in our organization. The act of handing someone a physical security key conveys that their role comes with significant trust and responsibility. When issuing YubiKeys, I take time to explain why multi-factor authentication is crucial for protecting their accounts and our most sensitive data. The users understand that the YubiKey is not just an extra step but a critical layer of protection against compromise. Deploying the YubiKeys makes access security feel tangible and personal to each employee. They appreciate that we've invested in their authentication to prevent their accounts from getting compromised. I've found that assigning a YubiKey gives people a sense of ownership over security and motivates them to be vigilant. Our users feel empowered to be part of the solution by properly using their key. It puts them directly in control of protecting their access.
Do you think Yubico YubiKeys delivers good value for the price?
Yes
Are you happy with Yubico YubiKeys's feature set?
Yes
Did Yubico YubiKeys live up to sales and marketing promises?
Yes
Did implementation of Yubico YubiKeys go as expected?
Yes
Would you buy Yubico YubiKeys again?
Yes