Pros & Cons of Yubico
- Adds two-factor or multifactor authentication to almost any password manager to vastly increase security
- Reduces logins to one-tap and makes two-factor authentication much faster and more convenient with compatible services
- Options for wide range of user types and security levels
- Low-cost YubiKeys available for individual use
Cons
- Must pair with a password manager for full password management services
- Not compatible with every account service
- Choosing the right key to purchase and learning exactly how to best use it can be confusing
- Users need to purchase a backup key because keys could become lost or stolen
Key Features of Yubico
We believe there are five important features in which every value-rich password security service should excel. Below, take a look at how Yubico fares in the areas of security and encryption, app compatibility, usability and ease of use, password sharing, and price.
Security & Encryption
Using a YubiKey two-factor authentication device goes a long way in protecting passwords and a user’s other vital information from phishing attacks and hackers. Two-factor or multifactor authentication works by requiring a person (or program) attempting to log in to an account to provide the service with something they know (a password) and something they have, such as a text message or physical device such as a YubiKey.
Because YubiKeys are unique physical devices, they can’t be hacked remotely. The devices also keep a user’s information from being shared between online services. Additionally, when a YubiKey is paired with a password manager, it ensures that even if a hacker uncovers a user’s master password, the rest of the user’s passwords remain protected.
Unlike other two-factor authentication methods, YubiKeys don’t store any of a user’s data, so even if the key itself is lost or stolen, there would be no way for another person to access the user’s information. YubiKeys don’t require a network connection or rely on a certain type of software to run.
Users can even enable multifactor authentication by pairing a YubiKey with a one-time PIN. With the FIPS series, the device allows developers, businesses and government agencies to meet the highest level of authentication assurance level requirements.
App Compatibility
YubiKeys pair with several major password managers and many online services, such as social media sites, cloud storage and cryptocurrency, to add an extra layer of security to users’ passwords and other important information.
To pair a YubiKey with a compatible mobile device or computer, users may be able to physically plug the key in via a USB or other type of port. Depending on their device and whether or not the YubiKey is NFC-enabled, users may also be able to simply hold the key next to an NFC chip-equipped device to pair them through near-field communication.
YubiKeys are also compatible with many browser types, including Edge, Chrome, Firefox, Safari and Brave, but exact browser compatibility will depend on the particular key used, the version of the browser and its configurations.
To help users figure out exactly what websites, devices and other digital services are compatible with each key, the Yubico website contains a searchable, comprehensive online catalog listing hundreds of services.
YubiKey App Compatibility
| Security Key Series | YubiKey 5 Series | FIPS Series | |
|---|---|---|---|
| Windows Computer Login | No | Yes | Yes |
| macOS Computer Login | No | Yes | Yes |
| Linux Computer Login | No | Yes | Yes |
| Google Account | Yes | Yes | Yes |
| Microsoft Account | Yes | Yes | Yes |
| Salesforce.com | Yes | Yes | Yes |
| Dashlane Premium | Yes | Yes | Yes |
| Keeper | Yes | Yes | Yes |
| LastPass Premium | No | Yes | Yes |
| 1Password | Yes | Yes | Yes |
| Yes | Yes | Yes | |
| Yes | Yes | Yes | |
| Github | Yes | Yes | Yes |
Usability & Ease of Use
Yubico designs its two-factor and multifactor YubiKeys for consumers of every level, from individuals looking for a password protector for personal use to businesses and developers. It aims to speed up logins, works across all computers and mobile devices and provides comprehensive customer and technical support.
Pairing a YubiKey with a compatible password manager is easy. Typically, a password manager’s vault settings will include an option for two-factor or multifactor options, and from there, a user can begin to set up their YubiKey.
In Keeper, for example, a user would simply log in to their Keeper vault and go to Settings and then click “Edit Two-Factor” to add an additional 2FA such as SMS text messaging. Then, the user can turn on security keys, insert their YubiKey into their USB port and simply follow the on-screen instructions.
Once a YubiKey is paired with a password manager, users can typically log in to their vaults or password manager apps by simply plugging their YubiKey into their devices and tapping. When a user is ready to access online accounts, the password manager can auto-fill usernames, passwords and other types of forms, and users can tap their YubiKey for a two-factor-authenticated log in.
Additionally, using YubiKey with other services directly is easy. A user doesn’t need to register their YubiKey with Yubico, and they can use Yubico’s website to select their YubiKey and identify all of its supported online services. Users can then click “Learn more” to find instructions on how to pair their YubiKey with each service.
Password Sharing
While YubiKeys don’t directly share passwords, YubiKeys can pair with password managers such as Keeper, LastPass, and Dashlane that are able to securely do so. This way, families, businesses and even individuals can more securely share their passwords with hardware-supported protection.
Price
Because Yubico knows consumers have a variety of needs, there are multiple YubiKey series with a variety of prices and features. Within each series, individual key pricing varies primarily depending on the type of device connector, such as USB-A, USB-C, NFC or lightning.
Each product comes with a free, one-year warranty and is designed to be tamper-resistant. Additionally, Yubico provides free shipping if a user purchases two or more keys. The company recommends users purchase at least two keys of any type so that one may serve as a backup in case the other is lost or stolen.
The lowest-priced keys Yubico offers are in its Security Key series. These range from $20-$27 and are designed for more basic, individual consumer use. While they do offer strong authentication methods, they’re not compatible with as many devices or account types as keys in the YubiKey 5 series or FIPS series.
Yubico describes its YubiKey 5 series as offering its most “feature-rich” keys and is well-suited to either individual or business use. YubiKey 5 keys range from $45-$70 and function to prevent hacker infiltration, are compatible with most online services and allow users to log in to accounts with one tap.
FIPS series keys range from $46-$69 are designed for developers, with business and government use in mind. They’re designed to lower IT costs and allow entities to meet the top authenticator assurance level requirements.
| Series | YubiKey | Price |
|---|---|---|
| YubiKey 5 | 5 NFC | $45 |
| 5 Nano | $50 | |
| 5C | $50 | |
| 5C Nano | $60 | |
| 5Ci | $70 | |
| Security Key | Security Key by Yubico | $20 |
| Security Key NFC by Yubico | $27 | |
| YubiKey FIPS | FIPS | $46 |
| C FIPS | $58 | |
| Nano FIPS | $58 | |
| C Nano FIPS | $69 | |
| YubiHSM | YubiHSM 2 | $650 |
| Experience Pack | Passwordless Starter Kit | $95 |
How Yubico Works
| Functionality | How It Works |
|---|---|
| Setting up the vault | Visit Settings in a compatible password manager to enable and setup two-factor or multifactor authentication with a YubiKey |
| Logging in to accounts | Insert YubiKey into device or hold near NFC-enabled device; pair YubiKey with a password manager for one-tap logins (password manager auto-fills forms; tapping YubiKey authenticates) |
| Creating passwords | Password-less login available with Microsoft accounts; use a password manager or manually create passwords |
| Changing passwords | One-time password support; manually change passwords or pair with a password manager to automatically manage existing passwords |
| Sharing logins | Pair YubiKey with compatible password manager that can share passwords with another YubiKey user |
| Recovering account | No account registration required to authenticate; users should have a backup YubiKey in case original is lost, stolen or damaged |
| Advanced security features | Works with one-time passcodes; smart card authentication, FIDO U2F support; password-less authentication with FIDO2 |
What Customers Are Saying
Yubico customers praise YubiKeys for their ease of use, versatility and strong security functionality. One user says, “I use my Yubikey almost every day for multifactor authentication. It’s super simple to use, easy to use pragmatically, and just provides a great experience for dealing with MFA — especially when security is important.”
Other customers point out how easily YubiKeys work with their password manager. One reviewer says, “Yubikey by Yubico works great with LastPass to provide two-factor authorization into my save password vault … Using it is as simply as plugging in the device to my laptop computer and using the hardware interface.”
Bottom Line
Ultimately, individuals and businesses who value knowing their passwords and other important information are completely secure can greatly benefit from easy-to-use YubiKeys. While they do require a bit of setting up to pair with compatible password managers, combining the two makes for an incredibly strong and useful combination, made even easier by YubiKeys’ simple touch feature and ability to pair with NFC-enabled devices.
