As Told By Adopters: YubiKeys’ ROI

The need for security is non-negotiable. It remains a top priority universally – online, offline, on vacation or at home. With more workers signing on in a variety of locations these days enterprises remain at risk of compromising sensitive data via phishing and stolen credentials. 

Yubico’s YubiKeys, hardware-based phishing-resistant multi-factor authentication (MFA) solutions, exist to reduce such risk. Yubico commissioned Forrester Consulting to evaluate the potential financial impact of deploying YubiKeys. We interviewed five of their enterprise customers (across manufacturing, energy, transportation, media and B2B technology industries) and summarized the results via a composite framework in the newly released study “The Total Economic Impact™ of Yubico YubiKeys.” 

Infrastructure and staffing required to protect against breaches demands a significant investment – the study does not discount this. Yet, the findings also do not understate the cost of a security breach exposure, especially when employees, users and partners are counting on an organization to keep their data and authentication secure. 

YubiKeys delivered a risk-adjusted three-year return on investment of 203% and a payback period of 11 months.

What comprises the 203%? YubiKeys significantly reduces risk exposure to theft attacks. Those interviewed stated a 99.9% risk reduction of phishing and credential threat attacks, virtually eliminating social engineering. Moreover, we were able to find that the sum of all other benefits (to be discussed below) alone outweighs the cost over a three-year period. These additional benefits met the common challenges shared among our interviewed organizations, a portion of which previously used alternate MFA solutions.

So, what are those added benefits? Here’s a snapshot:

#1: Improved reputation and ability to win security-related contracts

Through active promotion of YubiKeys during prospect calls, several organizations gained access to new clients with high-security requirements consequently increasing profit from improved reputability. The study attributes 50% of revenue from better deal conversions to YubiKeys.

#2: Security operations efficiency labor savings

By simplifying password policies and reducing policy management, organizations reallocated time for their DevSecOps employees to higher value tasks.  

#3: Help desk support savings

Not only did DevSecOps save time, the IT help desk saw a 75% reduction in password-related help desk tickets after YubiKey adoption. 

#4: Improved end-user productivity

Thanks to YubiKeys, customers no longer needed to memorize passwords and meet stringent requirement processes; instead, they appreciated the simplicity (and time savings) of tapping the YubiKey to enter their system. The study finds half an hour saved per employee per password update and two hours saved per password reset. 

Yet, this isn’t all we heard. 

Some benefits aren’t quantifiable but are equally important. Customers lean on YubiKeys for an improved employee experience (goodbye legacy hardware frustration), flexible purchasing with YubiEnterprise Subscription and for an extensive built-in partner and vendor ecosystem. This allows customers to share what’s working and what’s not with others on their MFA journeys. Those interviewed stressed the ability to leverage open standards for MFA, adapting as the industry evolves. When it comes to security, the only “us vs them” ought to be enterprises against hackers, right?

The decision to choose YubiKeys cannot be attributed to a single factor. A Product owner of authentication in the manufacturing industry states: 

“We chose Yubico for a few reasons. … We like the flexibility of the various tokens with USB-A, USB-C, [Lightning, and NFC]. … We like that they have a lot of different ways you can utilize them. We can utilize them as an event driven token, an HOTP token with a button press, or basically as a static password similar to a security card.”     

 An IT product manager, media and communications industry adds:

“[YubiEnterprise Subscription] lets us choose. Over time, we went with a YubiKey 5C NFC, which is what we were looking for to get the combination. But if we were to branch it out into other types of keys we were offering [to users], it would be very easy for us to add that then.”

Finally, within the media and communications industry, the same IT product manager recounts: 

“Our decision to go with YubiKeys was the enterprise distribution platform and the ability to do sort of point-to-point distribution. We chose a model that met our needs and could do the fulfillment.”

After all, it’s purposefully built as a solution that is NOT a one-size-fits-all product. Authentication is yours, and yours alone. To read more about the path to a passwordless future, and to let the customers speak for themselves, check out: “The Total Economic Impact™ of Yubico YubiKeys.”

————————

Editor Note: For more information on the Forrester report: The Total Economic Impact of Yubico YubiKeys, be sure to join our webinar on October 11 at 9 a.m. PT. 

Talk to our teamTalk to our team

Share this article:


  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey
  • Making digital security a right: Inside Yubico’s Secure it Forward programTechnology can be a great equalizer — but only if the strongest protection is within reach. Since 2022, Yubico has donated more than 65,000 YubiKeys to hundreds of organizations worldwide — a retail value of over $3.3 million. Each key helps strengthen digital protection for those doing vital work in their communities. This isn’t just […]Read more
  • Unlocking trust in enterprise security: Yubico and Okta empowering businesses togetherCollaboration with ecosystem partners is critical for providing our customers with the best cybersecurity solutions. Together, Yubico and Okta have achieved remarkable milestones over the years, including launching innovative solutions and aligning our go-to-market efforts – all aimed at delivering the most impactful cybersecurity solutions and user experience for our customers and partners. At the heart […]Read moreOktaOktane