Layer up with Onion ID and the YubiKey

Onion ID with yubikeys

According to the 2017 Thales Data Threat Report, nearly two thirds (63%) of senior security executives polled indicated that their organizations deploy new technologies such as cloud, big data, IOT, and containers before having the security in place to protect them. With 88% feeling vulnerable to a cyberattack, organizations are now starting to shift their focus to securing all these new technologies with multi-factor authentication (MFA). In fact, the report shows that US and global retail organizations rank MFA in the top 3 data security tools they plan to implement this year.

Onion ID Logo
Ecosystem Showcase: Onion ID

Yubico ecosystem partner Onion ID offers organizations the opportunity to use various methods of authentication—ranging from biometrics to location to security keys—to protect any web application or server in their IT infrastructure. Onion ID secures privileges for accounts on any server, container, and SaaS applications, and acts as a single pane of glass to provide security, visibility, and auditing to organizations of all sizes.

“Before we integrated YubiKey support, our customers used MFA methods that required their employees to use their mobile phones to verify their identity. To complete the mobile authentication process, data has to be trafficked to and from the internet, which is not ideal or secure for customers handling sensitive data, such as medical and financial information. If an organization doesn’t want to pass their employees’ information through the internet or have their employees install an app on their phones, what we recommend is a hardware-based security key like the YubiKey,” said Onion ID founder Anirban Banerjee.

While still common in enterprise security, mobile authentication methods like SMS and phone calls are essentially unencrypted and vulnerable to phishing. Phone and SMS networks have been exploited by governments, criminal gangs, and even penetration testing firms. Phone companies can also provide access to personal records if required to by legal order or if they are hacked or tricked.

“Organizations need an MFA solution they can fully control without needing to download and use third-party apps like Google Authenticator. Our customers find that the YubiKey offers them just that — an MFA option that is easy, affordable, and can help control exactly what an employee can do on a server or a SaaS application,” said Anirban.

With support for Yubico OTP, Onion ID successfully combines versatility with ease of use and security to protect privileged accounts on AWS, Rackspace, and more. Yubico OTP works with no client software needed, allows for self-provisioning, as well as authenticating without a username, and is easy to implement.

“Integrating Yubico OTP was simple and did not take a lot of effort from our side. The API documentation is clear, and there was excellent communication between our teams. It took us about 2 weeks for the initial integration, and 1 week for fine tuning. We also use the YubiKey internally and are happy with our experience,” he added.

Onion ID offers a cloud-based Software as a Service (SaaS) security solution that enables organizations to control access across all their properties in 60 seconds. From server privilege access management (Server PAM) for secrets storage to SaaS privilege access management (SaaS PAM), Onion ID and the YubiKey provide the secure sharing of API keys and credentials between your employees and automated script.

By giving organizations the ability to choose and easily enable MFA on apps and servers of their choosing with zero change, Onion ID provides security, visibility, and flexibility for organizations of all sizes.

Learn more about protecting your privileged accounts with Onion ID.

Yubico is proud to highlight Onion ID as part of an ongoing YubiKey ecosystem awareness program. Visit our Featured Solutions page to learn more about all the products and services that support the YubiKey.

Talk to our teamTalk to our team

Share this article:


  • CEO Corner: Entering the second half of 2025 with momentumAs we continue to move further into the second half of 2025, I want to share a look back at our journey so far this year and as well as lay out Yubico’s strategic path ahead.  Resurgence in order growth and key segment wins While net sales declined for Q2, the end of the quarter […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Survey says: Your dog’s name isn’t a passwordWe all know we should be protecting our digital lives, but what are Americans actually doing? Yubico recently commissioned a survey, conducted by Talker Research, which asked 5,000 Americans in 10 major metro cities across the U.S. about their online security habits. Here’s a closer look at what they found (hint: they’re not as secure as they […]Read moreCompany Newssurvey
  • Passkeys are winning, but security leaders must raise the barPasswords are on their way out. In their place is a new form of login called passkeys that promises stronger security and less frustration. All passkeys offer the rare combination of improved usability and stronger security, especially when compared to passwords alone. But unless we act now, millions could be left more vulnerable than ever. […]Read moreDevice-bound passkeysHardware passkeypasskeyssynced passkeys
  • Your top YubiKey questions, answeredOver the 10+ years I’ve been at Yubico, I’ve had the pleasure of meeting customers, partners and many others talking about digital security. While every conversation is different, I am often asked many of the same questions about YubiKeys. One thing remains consistent: many people know they need better security, but they’re not sure what […]Read moreFAQYubiKey