TrustRadius
Yubico YubiKeys

Overview

What is Yubico YubiKeys?

Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and…

Recent Reviews

Yubico Review

8 out of 10
May 16, 2024
Incentivized
When we access sensitive servers, there is always a need to have a 2-step verification process. So one step is always what you know, which …


Pricing

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visit https://www.yubico.com/yubienterprise…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Starting price (does not include set up fee)

  • $3.94 per month per user
Product Details

What is Yubico YubiKeys?

Yubico YubiKeys support phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts.

Stopping phishing attacks and account takeovers before they start
The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks. And users experience fast and easy authentication with a simple touch or tap. For organizations that wish to secure sensitive data stored in servers, the YubiHSM offers an ultra-portable hardware security module, bringing great flexibility and affordability to any organization.

Deploying modern hardware MFA at scale
Organizational security is only effective when users adopt it. Distributing Yubico YubiKeys and onboarding users is simple and comes with expert guidance, enterprise subscriptions and global turnkey delivery services. A single Yubico YubiKey can be used right out-of-the-box across personal and work online accounts, and across 800+ IT systems and online services which makes it easier for the organization and the user to enhance protection for online accounts.

Yubico YubiKeys Features

  • Supported: Security: Two-factor, multi-factor and passwordless authentication
  • Supported: Authentication: Phishing defense using modern FIDO protocols that stops account takeovers
  • Supported: Multi-protocol capabilities: A single YubiKey supports a range of authentication protocols such as FIDO2 (passkey)/WebAuthn, FIDO U2F, Smart card/PIV, OTP
  • Supported: Range of form factors: USB-A, USB-C, NFC enables stronger security across a range of legacy and modern devices
  • Supported: Supports legacy and modern environments: Secures legacy on-premises and modern cloud environments
  • Supported: Enterprise-ready: Hardware MFA available as a “YubiKeys as a Service” model to help deliver strong phishing-resistant MFA

Yubico YubiKeys Videos

Accelerating Zero Trust strategy with the YubiKey delivering strong, phishing-resistant MFA
The Bridge to Passwordless Authentication
Phishing-resistant MFA to meet new cyber insurance requirements

Yubico YubiKeys Technical Details

Deployment Types: On-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating Systems: Windows, Linux, Mac
Mobile Application: Apple iOS, Android

Frequently Asked Questions

Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.

Yubico YubiKeys starts at $3.94.

Reviewers rate Usability highest, with a score of 9.1.

The most common users of Yubico YubiKeys are from Small Businesses (1-50 employees).

Reviews and Ratings

(137)

Reviews

Chad Byrd | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We currently use Yubico YubiKeys for our higher at risk users that have access to sensitive company information. For us it is an easy secure way for them to be secured and not worry about unauthorized access to sensitive data we need protected. It also assures that we reduce the risk as much as possible for risk of credential theft.

-we are now exploring the ways that YubiKeys can also be used for personal security of items and the different ways to implement the service and hardware to get the most benefit for our company and people.
  • Fast easy authentication to hardware and software
  • Easy for users to use
  • Easy to keep up with
  • We have had a couple of instances of issues with the key not working correctly intermittently
  • Some issues with users breaking keys as some models are slightly flimsy
  • Overall we are happy so I can’t think of anything else
For us high value targets that have sensitive access, it just makes sense to use Yubico YubiKeys. We feel comfortable with the solution and hardware. It’s super easy for everyone to use. They say they feel important having to use it like a spy sometimes. For our everyday user we have not deployed currently and are still trying to decide if it’s right for them due to the fact that we have many pieces of hardware lost with just their access entry NFC devices.

With the extra personal protection I tell everyone about it and how I am integrating this into my personal security as well.
  • Easy to set up
  • Overall great hardware
  • Small form factor
  • Many different options for hardware style
  • Definitely a reduction in password resets for some higher level users that we had issues with in the past
  • Feeling secure in the knowledge that our data is secure with using Yubico YubiKeys
  • Easy to integrate and use with our windows products
The impact is very large for us with the use of Yubico YubiKeys and we feel safe and secure knowing the users have this secure device and having to have it on hand to gain access to resources. We sleep better at night knowing that phishing and ransomware risk is greatly reduced for our high risk users and the service has been reliable.
Our users love the Yubico YubiKeys specifically for how small and un-intrusive the device is to carry. They feel more secure with less risk of someone getting their credentials and causing harm to the company. Technical users and implementers feel confident in the security and have less to worry about with it lowering our surface area of risk.
We have thought about just trying another competitor for due diligence but have not explored that option yet. We went with Yubico YubiKey due to hearing about it at a conference and decided to start experimenting with the solution. We are pretty decided on what we are going with for a rollout but will explore another just to show that we had options. We will not put the effort into full experimentation of the product but more of just a side by side comparison on controls, ease of implementation and reviews.
10
So we are just now rolling out YubiKeys in our organization. Currently just the high level personnel and high level access people with sensitive access to data. So our C levels and IT people have been rolled out first for testing and working out any issues along the way we may run into in the wild between the different applications we have before we offer this company wide.
6
So there are 7 of us total, we have 4 desktop support and 3 Engineers that if needed for escalation past what desktop can do. As far as skills go, the main thing with support is just adjusting the user to how it works and setup for first time use. Rarely once configured is there anything that we have to do unless replacing a damaged/lost item.
  • be as phish proof as possible with our applications
  • remove credential theft as a worry in our system
  • moving towards a password less organization
  • I was told they feel cool and like a spy having to carry one of these
  • using the multi device authentication for the new iPhones
  • people have even used the same yubikey for their homes and devices
  • looking at some of the blockchain ideas to secure wallets
  • thinking about implementing the secure print for our HR and accounting depts.
  • We are looking into the encryption and signing of emails for sensitive documents
  • looking at the physical access options for entry to buildings and rooms
  • I am exploring adding this as a key to get into our VPN for the company
  • as we migrate to GitHub our software devs are exploring a requirement for the code repositories
As for implementing YubiKey it's simple so I don't see us using anything else as we have experienced no issues so far. Adding these to our environment is still new for us currently but in the transition phase I only see us buying YubiKey. It is highly rated and well known and cost is reasonable so no need to find another solution.
No
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
  • Ease of Use
The number one factor for us is going to be the Ease of Use. For us we need something that is not complicated to use or implement. There are so many other things that are complicated within our networks and having this as a set and forget type device for access control is very helpful to everyone.
No, Yubikey is well known and when it comes to dependability and good reputation is more important than anyone offering a better price. With a well known company there are more likely more integrations of use. In my experience companies tend to develop integrations/connections/compatibility first for well known and highly used companies that are stable.
Implementation was fairly easy and documentation was abundant online. I wouldn't say it was just straight forward just from UI standpoint but finding documentation to lead you along the way made things easy for a professional to follow. All of my team who first tested this to use basically did self learning from documentation and made our own documentation to fit our company needs for the users that are using this.
  • Implemented in-house
No
Change management was minimal
Our team is maybe a little weird since we are so small there wasn't a lot of change management due to being able to learn and test this in our small inhouse group then releasing it to our test user group. Being as small as we are some of our change management is just saying hey I'm doing this thing. Works for us but maybe bigger teams not so much and would be more important to implement.
  • learning to keep your personal token with you at all times
  • Learning the steps to implement this with our different products, as the process isn't the same between products
  • the need for 2 physical token, and different form factors finding the right one between the different interfaces
  • No Training
For many I would suggest training, since I am an IT professional I can figure things out very quickly and have an idea how it works. For our end users I would have to either train them from my documentation of instructions or find some type of online source for their training and questions they may have.
I would say it's just right at this point, since security has now become a mainstay for organizations there seems to be a large willingness to adopt to these types of authentication methods for everyday software for Companies as well as providers for individual home users now. I think as time goes on it will become a standard practice to include a token based authentication for everyday software access. I have not found any issues based on the products configurability that has just left us stuck and documentation is very easily found and available.
We have not developed any yet but that will come as we plan the final phase for roll out to our users in mass. That has not become a subject yet as we are still in testing phase for the next few months. Once we are past that then we will get together as an implementation team and sort that out before we begin. We will rely on guidance from Yubico best practices to outline how best it will work for us.
No - we have not done any customization to the interface
No - we have not done any custom code
We have not done any different or additional configuration or customization at this point. We do have hopes for our software team to integrate this within our custom software that we have built to make things more secure on our in house products. Once they get to a point where they can start working on integrating Yubico into our systems that will be a whole other project.
We have only interacted with support once but it was quick and easily answered. Mostly just questions regarding adding this to certain apps.
We are still experimenting at this point and dogfooding this within certain users until we decide to roll out in mass. When we do roll out we do like to have the comfort of a support team behind us for when we need it and to be able to access it immediately to quickly resolve any issues. So when we do go company wide support will be important to us.
No
So what really got us started with exploring this was going to the RSA conference and talking with the reps there and what all the YubiKey can support and how they are adding more and more things that it can be used for we opened up exploring this option more and more. Last year we played with a few, but with how the landscape is looking with threats we are wanting to find the most secure way to access our resources and not have to worry about credential theft as much. I would say the Reps at RSA were very knowledgeable and gave us lots of detail and insight to want to explore more.
The usability so far with what we have integrated with was very easy to set up and implement. With security a hot topic these days many companies are now forcing 2FA and MFA. Having a physical key is a highly secure way to access things and with the keys that have mfa/usb makes the usability with the multitude of vendors hopping on board with this type of security very easy to add to our own secure environment.
  • The 2FA is a breeze for us and very useful
  • Going password less for our systems was very fast and easy
  • using the FIDO2 protocols on some of our systems was easy
  • integrating into our LastPass environment was a breeze and gives us reassurance we are protecting a very critical resource.
  • I would say compatibility issues in which waiting on certain platforms to integrate is a difficult sell to management who want a single uniform way to authenticate.
  • Having to have multiple keys as a backup per person, Not sure of a good solution but having to keep up with 2 keys for the just in case loss or damage of a key is cumbersome.
  • The different form factors of I haven't done any firmware updates as of yet as I am a little on the it's not broken so why fix it, and risk breaking it. Having usb-c to usb-a within different devices but again that is kind of a cumbersome on having to use adapters at times for users.
  • I have not yet done firmware updates for my key or anyone else, I am an it's not broken so why fix it mentality with it due to if something were to go wrong I am not wanting to replace it. I have not personally gotten a second key yet but I should.
Yes
I have used this with my iPhone a few times with iPhone via USB-C and also the NFC on certain apps but I have only begun to explore this option recently. I have it set for my LastPass on iPhone, Google Drive and account, and for my personal Coinbase account.
For us I feel like the ease of deployment has made this product very appealing, overall this will make the scalability very easy for us to push out once we roll out to our users and the management tools that we have looked at will make the admins like me happy as it is clear and easy to use. The rollout process looks to be very straight forward from the demos that we have looked at regarding the enterprise tools.
We have not experienced any issues with availability which is very important when you are dealing with a company that holds the keys to the gate. We have had more issues with availability from our SaaS providers before with authentication but that was on their end. YubiKey has worked every time for us over the course of the last 6 or so months we began testing phase.
We have not seen any lag in loading pages and getting into systems or sites. In comparison to other 2FA and MFA options it is actually faster most of the time to authenticate due to not having to type in. We require users to have long passwords and when there is an option given for password less they jump on it with excitement. As we explore going password less on their PC's the YubiKey is going to make their lives a lot easier to access the resources they need.
Our software dev team has looked into this and with the current api plugins they feel like this will be a straightforward project to be able to integrate this within our custom software.
  • Custom software written in house
  • we have a custom application that our software team has designed we are exploring authentication types to build and integrate with on our roadmap
We are exploring authentication types with our custom software that runs our company and this would definitely be a type of authentication I would prefer for high security. I have added this as a suggestion to the software team as we move into 2FA/MFA/Password less exploration for our application and integration.
  • API (e.g. SOAP or REST)
I don't know that I have any advice besides deciding on what you need an integration for and how you would like the integration to work. Our software team is good at seeking consultation and support from companies they are writing to integrate with. The only advice would be to feel out how well they work with you for support and creating customizations. Their team so far had been excellent at answering questions and how best to frame the project.
We aren't working with a vendor currently until we roll this out as an enterprise, but we will be working with CDW for this once we get past the initial planning phase. As far as being easy to work with they are our go to for most things and we have a great working relationship to broker new projects.
That will be a determination after we roll this out but just in past projects and continuing support we have never had any issues and they generally get us the support or answers we need directly from the source or their in house experts to support us.
Once we go into talks the main thing is going to be determining the supply of product and licenses we will need and negotiate based on an initial estimate. We generally will only start off with a year of support as we go into anything new as skeptics and after the year decide to go multiyear support once we have determined how and the best way for us to be supported.
In the past dealing with our vendors having a good relationship with the vendor and your sales rep is key. He is an advocate for us and that comes with years of working together. We are straight forward and will ask and tell what we need and the level of support we are expecting. It's always nice to have a vendor and same sales rep to go to but when eventually you get assigned to another person we try to establish the same relationship and trust by being upfront of what we expect and what works for our company.
No
  • the feeling of security on sensitive products
  • not having to remember all different passwords
  • the hope of pushing the company to a zero trust environment
  • I would like to see a physical key with storage built in and integrated with the key somehow. I have to carry a key plus my flashdrive of tools on my keychain and makes it kinda bulky.
Yes
Once we get through our period of exploration and take this to our directors to approve a company wide roll out we will be exploring which plan would benefit us whether it be Professional or Enterprise version. But once we have the green light we will roll out a full version of sorts and have a support team to back us up for any issues along the way.
No
Russell Licht | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Yubico Yubikeys are used for laptop authentication, password manager, 2FA, Google Domain 2FA, and Personal Encrypted Containers.
  • One-time use passwords
  • 2 Factor Authentication
  • Complex Password and device remembered
  • The Nano is still working after 12 years
  • After so long, full-sized Yubico YubiKeys are getting flaky and the button won't always work
Yubico YubiKeys are durable, lightweight, easy to use, support several authentication protocols, and have an enterprise management option.
  • Simple and easy to carry
  • Enterprise management features
  • Durable and long-lasting
  • Bought once, back in 2011 or 2012 and still using the device.
  • Works with whatever device or service I needed it to.
It's used mostly for 2FA together with LastPass to encourage employees to use stronger passwords.
As soon as our corporate use of Google for Business began requiring MFA, employees were using their own money or office budgets to buy Yubico Yubikeys.
Much less annoying to work with than the authenticator app on smartphones that requires retyping 6 digits.
30
IT and finance.
We don't do corporate management. Each person is responsible for their own YubiKey. Most of us purchased them as individuals.
  • Access to a password management app
  • Google sign in
  • Various apps that support YubiKeys
  • Combining a very long passcode from a YubiKey with a password to merge "something you have" with "something you know."
  • Managed access solution for individuals with very specialized access privileges to financial systems.
My first YubiKey is still working 12 years later.
Yes
Fingerprint reader.
TOTP key fob with LCD screen (can't remember product name.)
  • Scalability
  • Ease of Use
It's easy to use and easy to deploy in an enterprise environment. It can be combined with other OTP or MFA protocols in cloud systems.
Get the corporate VP of operations on board with the purchasing decision.
I figured it all out on my own with the excellent product documentation provided by Yubico. I even managed to produce a backup YubiKey in case I lost my frequently used one. This was crucial when I temporarily lost the original.
  • Don't know
Yes
Each individual on their own pace.
Change management was minimal
  • Corporate IT did not buy in, so individuals proceeded on their own through word-of-mouth, internal marketing.
One-touch generation of OTP or MFA token.
  • One-touch or long-touch to generate two different kinds of passcodes
  • Inserting into a USB-A device into a USB port after USB-C became the new laptop standard.
Yes, but I don't use it
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Yubico YubiKeys are an essential part of our logins. When hired, every employee in my business unit receives a YubiKey 5c Nano along with their laptop. Since we are a hybrid workforce and many of us work from home, this allows us to log in with phishing-resistant MFA to all of our SaaS applications that are protected by Duo. Since WebAuthn is the standard from the start, this ensures that the highest level of protection is enforced from an authentication perspective. This has solved the issue of wondering whether or not users are logging in securely from disparate locations. It is also easy for users to authenticate with the tap of a finger to access critical applications - even in a Passwordless workflow!
  • Ease of use
  • Multiple authentication protocols
  • Cross-compatibility
  • Reduce the cost of keys
  • Honestly, Yubico YubiKeys are great and have all the features we need
  • No other criticisms - it just works!
Yubico YubiKeys are great for hybrid applications that support both modern and legacy authentication methods. For example, for web-based applications that are federated behind an IdP, the Yubico YubiKey WebAuthn (FIDO2) mechanism is the gold standard of phishing-resistant MFA. The same Yubico YubiKey (if a supported model) can also be used as an OTP hardware token so that the user does not have to use 2 different roaming authenticators for logging into all their applications. One YubiKey to rule them all!
  • Multiple authentication methods supported (FIDO2 + AES/OTP)
  • Ease of use
  • Provisioning/user onboarding
  • Reducing breaches (phishing-resistant MFA)
  • Passwordless (quicker, easier, safer logins)
  • End user self-enrollment (no administrative setup for WebAuthn)
It has greatly reduced the likelihood of successful phishing attacks, makes MFA easier for end users (better experience equals users will comply with security controls), and helps secure applications by providing out-of-the-box compatibility with modern web browsers. Our overall risk exposure and attack surface have diminished to allow secure authentications from anywhere in the world.
Whether it is WebAuthn or OTP, Yubico YubiKeys allows a single tap of a button to use MFA. With WebAuthn, this has changed the game as we also have a Passwordless authentication workflow and, with the use of FIDO2-compliant YubiKeys, makes the fastest and most secure login experience possible for our users.
Duo and Yubico YubiKeys actually work very well together. We have chosen to use these two products together to make safe and secure MFA (including Passwordless) available to all users. The ease of use that Duo allows for both OTP import and WebAuthn enrollment makes it possible for modern and legacy applications to be protected by Duo MFA via Yubico YubiKeys as the second factor.
1200
Multiple! Each team member supports our flagship product and is shipped a YubiKey during onboarding. These folks make up the following functions: Engineering, Marketing, Customer Support, Product Management, Sales, and many more. Although we are moving to a Passwordless login experience using Platform Authenticators, YubiKeys are essential to how we do business and protect our applications.
10
These folks make up our in-house technical support team. Although many other engineering and customer success personnel can manage their own YubiKeys and assist with other's keys, our dedicated support team is available to help with troubleshooting issues that arise by way of ongoing issues/maintenance. We are happy to have them support us!
  • Secure access into applications
  • MFA
  • Passwordless
  • Using multiple protocols on keys (FIDO2, U2F, OTP, etc.)
  • Device registration via PIN
  • Export token slot details
  • Secure enclave
  • Roaming Passkeys
  • Enterprise Attestation
Yubico as a company has a good reputation for transparency, supporting the open-source community, and working towards improving online security at a broader scale. Hardware tokens like the YubiKey are effective at mitigating phishing attacks because the authentication does not rely on a password that could be tricked out of a user. Even if a user is directed to a malicious site, the site won't be able to capture the hardware token's response in a way that could be reused.
June 04, 2024

Yubico Review

Score 10 out of 10
Vetted Review
Verified User
Incentivized
So we use the YubiKey for securing most of our cloud services, like Office 365, Microsoft 365 mainly, but also other things like password managers. And as far as the services will let us, we try to use mainly the Yubikeys for the physical security tokens and trying to use them for passwordless access to avoid the risks of password theft.
  • The setup is very easy. It's well documented and it's well supported with most services.
  • The backup situation is a hard problem to solve, but it needs to be resolved sooner or later because as it is now, if you have two Yubikeys, you have to enroll them both. When you lose one, you have to remember which one to deactivate and that's a hassle. Fortunately that doesn't happen very often. But having a backup Yubikey that you don't have to enroll everywhere but they can switch over to would be a dream.
I'd say it's very appropriate to secure your cloud access and also for login, it's less appropriate for local login. I'd say logging into Windows computers can be hard to do correctly. And on Mac computers, it's a no go as far as I can tell.
  • Ease of use
  • Hardware security
  • I'd say it's enhanced our security and it's very easy to get the users to use them. It's very, at least easy to teach them how to use them.
I'd say it's enhanced our security because we are moving towards a two factor and passwordless situation with the limited resources we have in our organization. So it's a good fit.
It's been mostly problem-free compared to other solutions like two-factor authentication apps like Authenticator apps, it's much easier to get them to use it, just plug it in and go ahead. So I'd say it's pretty convenient.
If you compare it to authenticator apps, I'd say it's much more easy to set this up for the individual user. Well, it's Swedish. It's also very well documented. There are a lot of guides on how to use them and I have a lot of faith in the security posture of Yubico and how the keys are developed and general security of the solution.
8
All functions
1
Understanding of the different authentication protocols and how different software and services use them
  • Microsoft 365 authentication
  • Password manager 2FA
  • Door access
  • Not sure
No
  • Cloud Solutions
  • Integration with Other Systems
  • Ease of Use
  • Other
Very secure authentication with hardware based security.
Evaluate different vendor and models
No, not needed. We don't use custom integrations.
No
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use it for our MFA with OKTA
  • Quick
  • Easy to set up
  • Small profile
  • My USB-a nano broke pretty easily
  • Lower profile USBc
It works well and meets our requirements.
  • Secure
  • Small
  • Easy to deploy
  • It meets our infosec requirements for mfa and security
Secure MFA has been achieved and eliminated passwords.
It has been well received and used easily.
We used authenticator apps which aren't as quick.
15000
Yubikeys are provided by our InfoSec and IT teams for all employees as an MFA option. This represents all business functions that use the internal network resources.
30
Our internal IT and Infosec teams are set up and equipped to support our use of Yubikeys
  • MFA
  • Secure authentication
  • Passwordless
  • Using for internal app authentication
  • Using for authentication in our partner external apps
  • Using for local machine authentication
  • One touch voting in Zoom
  • Docusign
I don't see us moving away from Yubikey any time soon as I am not aware of any competitor in the physical security key space.