Making the internet safer for everyone, one YubiKey at a time

When the internet was designed 30 years ago, security was not a priority as it was primarily created as a way to connect and easily share information with others around the world. Fast forward to today with news of hacks and breaches almost daily, much of the online world is trying to play catch up to help secure themselves, and in many cases, their companies by adopting better cybersecurity practices and tools.

Since Yubico was founded in 2007, we’ve made it our mission to address this important challenge and make the internet safer for everyone. As the pioneer of modern hardware security keys and co-creators of open authentication standards, including FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), we take the security of everyone very seriously. 

Tech companies pushing MFA adoption

This past year, amid a massive transition to distributed workforces around the globe, stronger security practices and the need for strong authentication has become a necessity for organizations. This is leading many to make moves to secure their internal teams, as well as customers, to protect them from becoming victims of cyberattacks. 

In line with this shift, Google recently confirmed plans to auto-enroll 150 million Google users onto its 2FA system (two-step verification or 2SV, as Google calls it), and require two million YouTube creators to activate it by November 1, 2021. Many other companies are also enforcing security key MFA for their applications and end users, including GitHub and Meta (Facebook) for its Business Manager tool, and we can expect this to only continue. 

We’re thrilled to see further strong authentication adoption, but it should be noted that not all MFA is created equal. Just earlier this week, Motherboard published an eye opening piece on the underground market for bots that steal your SMS and app-based codes. The bots target the user specifically, tricking them to disclose their authentication codes and get them into the hands of a hacker. As noted in the article, ‘this existence and increased popularity raises questions on whether online services need to offer more phishing-resistant forms of authentication to protect users’. 

Security Keys, like the YubiKey, which support modern FIDO/WebAuthn authentication, are the only proven method to prevent account takeovers. Currently, some of the world’s largest tech companies, including Google, Twitter, and Microsoft, as well as millions of users in 160 countries rely on the YubiKey to defend against increasingly sophisticated, widespread attacks like spear phishing and ransomware. 

Modern, phishing resistant authentication with YubiKey

You have a key for your car and your house, why would you not want one for your online identity, applications, and data? With authentication enforcement on the horizon, Google and YouTube creators, as well as users for any other supported apps or services, can protect their accounts with the highest levels of security with the YubiKey 5 Series, as well as the recently introduced  Security Key C NFC.  Additionally, YubiKeys can be added to any keychain to travel with you or stay semi-permanent in your USB port, making them convenient wherever you are.

At Yubico, we feel we have a responsibility to make the internet safer for everyone and support the mission in which we were founded. In some cases, access to tools like YubiKeys might be harder for some, which is why we created Secure It Forward, a program dedicated to donating YubiKeys to high-risk individuals or organizations that are defending freedom of press, human rights, and election security. For every 20 keys sold on the Yubico e-commerce store, we donate 1 key to nonprofits, individuals, or organizations in need so they can immediately lock down their accounts. Additionally, we have also been working with Defending Digital Campaigns (DDC) over the last year and a half providing YubiKeys to bi-partisan campaigns.  

We believe that with education, training and the proper tools, usage and adoption rate of strong, modern 2FA and hardware keys, like YubiKeys, will only continue to increase. Do you want to see more of your favorite online services and apps protected from account takeovers? If yes, you can help make it happen with this Tweet asking for YubiKey & WebAuthn support.

With YubiKeys, you can rest easy knowing that you’re investing in the most secure way to protect yourself online. To find out which YubiKey is the best fit for you, visit https://www.yubico.com/quiz/

Talk to our teamTalk to our team

Share this article:


  • Goodbye master passwords: Dashlane and Yubico enhance credential vault encryption and login with YubiKeysAt Authenticate 2025 this week, the world’s leading experts on modern authentication and securing digital identities gathered, to discuss the future of secure authentication and achieving usable security across the account lifecycle. The message was clear: the future of phishing-resistant authentication is using passkeys for encryption, and the gold standard is device-bound passkeys – YubiKeys. […]Read morecredential vault encryptioncredential vault loginDashlanepartnerpasskey encryptionPRF
  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet
  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST