YubiKey

Yubico Inc.
Company typePrivate
IndustryHardware
Founded2007
HeadquartersSanta Clara, California, United States
Key people
Stina Ehrensvärd (Chief Evangelist and founder)
Jakob Ehrensvärd (CTO)
Mattias Danielsson (CEO)
Websiteyubico.com/products Edit this at Wikidata
First YubiKey USB token of the FIDO standard in 2014

The YubiKey is a hardware authentication device manufactured by Yubico to protect access to computers, networks, and online services that supports one-time passwords (OTP), public-key cryptography, authentication, and the Universal 2nd Factor (U2F) and FIDO2 protocols[1] developed by the FIDO Alliance. It allows users to securely log into their accounts by emitting one-time passwords or using a FIDO-based public/private key pair generated by the device. YubiKey also allows storing static passwords for use at sites that do not support one-time passwords.[2] Google, Amazon, Microsoft, Twitter, and Facebook use YubiKey devices to secure employee accounts as well as end-user accounts.[3][4][5] Some password managers support YubiKey.[6][7] Yubico also manufactures the Security Key, a similar lower-cost device with only FIDO2/WebAuthn and FIDO/U2F support.[8][9]

The YubiKey implements the HMAC-based one-time password algorithm (HOTP) and the time-based one-time password algorithm (TOTP), and identifies itself as a keyboard that delivers the one-time password over the USB HID protocol. A YubiKey can also present itself as an OpenPGP card using 1024, 2048, 3072 and 4096-bit RSA (for key sizes over 2048 bits, GnuPG version 2.0 or higher is required) and elliptic curve cryptography (ECC) p256, p384 and more, depending on version,[10] allowing users to sign, encrypt and decrypt messages without exposing the private keys to the outside world. Also supported is the PKCS#11 standard to emulate a PIV smart card. This feature allows code signing of Docker images as well as certificate-based authentication for Microsoft Active Directory and SSH.[11][12][13][14]

Founded in 2007 by former CEO now Chief Evangelist Stina Ehrensvärd, Yubico is a private company with offices in Santa Clara, CA, Bellevue, WA, and Stockholm, Sweden.[15] Yubico CTO, Jakob Ehrensvärd, is the lead author of the original strong authentication specification that became known as Universal 2nd Factor (U2F).[16]

YubiKey released the YubiKey 5 series in 2018, which adds support for FIDO2.[17]

  1. ^ "Specifications Overview". FIDO Alliance. Retrieved 4 December 2015.
  2. ^ "What Is A Yubikey". Yubico. Retrieved 7 November 2014.
  3. ^ McMillan (3 October 2013). "Facebook Pushes Passwords One Step Closer to Death". Wired. Retrieved 7 November 2014.
  4. ^ Diallo, Amadou (30 November 2013). "Google Wants To Make Your Passwords Obsolete". Forbes. Retrieved 15 November 2014.
  5. ^ Blackman, Andrew (15 September 2013). "Say Goodbye to the Password". The Wall Street Journal. Archived from the original on 3 January 2014. Retrieved 15 November 2014.
  6. ^ "YubiKey Authentication". LastPass. Retrieved 15 November 2014.
  7. ^ "KeePass & YubiKey". KeePass. Retrieved 15 November 2014.
  8. ^ "Yubico Releases FIDO U2F Security Key". Yubico (Press release). 2014-10-21. Retrieved 2018-05-05.
  9. ^ "Yubico Launches New Developer Program and Security Key for FIDO2 and WebAuthn W3C Specifications" (Press release). 2018-04-10. Retrieved 2018-05-06.
  10. ^ "YubiKey 5.2 Enhancements to OpenPGP 3.4 Support – Yubico".
  11. ^ "Launching The 4th Generation YubiKey". Yubico. Retrieved 20 November 2015.
  12. ^ "With a Touch, Yubico, Docker Revolutionize Code Signing". Yubico. Retrieved 20 November 2015.
  13. ^ "Setting up Windows Server for YubiKey PIV Authentication". Yubico. Retrieved 2021-06-06.
  14. ^ "SSH user certificates". developers.yubico.com. Retrieved 2021-06-06.
  15. ^ "The Team". Yubico. Retrieved 12 September 2015.
  16. ^ "History of FIDO". FIDO Alliance. Retrieved 16 March 2017.
  17. ^ "Yubico launches new YubiKey 5 Series 2FA keys, supports passwordless FIDO2 and NFC". Android Police. 2018-09-24. Retrieved 2019-10-07.