Memoirs of a YubiKing

Dain Nilsson

Dain Nilsson

3 minute read

While I’ve been an employee with Yubico for a little more than two years now, my history with the company dates back a bit further. And the YubiKing contest we announced today to discover the next innovative use of the YubiKey transports me back to that time. Before I was an employee, I was a winner in the initial YubiKing contest.

The first time I heard of the YubiKey was on an episode of the Security Now podcast back in 2008. An enthusiastic Stina Ehrensvard (CEO and founder of Yubico) was being interviewed and the details of how the YubiKey worked were being explained down to a very technical level. I remember later trying to explain how it worked to my then girlfriend (now wife), who didn’t quite share my excitement for the device. Nonetheless, I was smitten.

YubiKing is your opportunity to create the next innovative use for a YubiKey. Enter your project in the YubiKing Virtual Hackathon today to become eligible to win great prizes!

A while afterward, the first YubiKing competition was announced in a follow-up episode. This was the perfect excuse for me to get a YubiKey and play around with it. The rules were pretty simple: Create something that uses the YubiKey and submit it to the competition. I had what I considered a pretty neat idea for a hack, but with several companies entering the competition I saw little hope of actually winning. Still, the promise of a YubiKey for entrants was there. I had no excuse not to give it a shot.

At the time, very few web sites offered two-factor authentication. We’ve come a long way since then (with an even longer way to go, still), but I had an idea to immediately start using a YubiKey with more sites. My solution was a very basic password manager of sorts, which used Yubico OTPs for authentication.

It worked like this: You would store passwords for different sites, and the YubiKey would protect access to your passwords. A small browser plugin would then hook into password fields on third-party sites, detecting if an OTP was entered instead of a password. When it saw an OTP, it would query the server for your password and seamlessly replace the OTP with your actual password before submitting the field and logging you in. Boom, instant YubiKey support for any site!

My submission lacked polish and was mostly thrown together over the course of a weekend. But it worked, and the idea was novel enough that it earned me one of the coveted YubiKing titles awarded that year. This contest began my relationship with Yubico and eventually led me to a new job working with the technologies I’m passionate about.

Now we’re running another YubiKing contest, and I’m very excited to see what kind of new innovations will pop up this time around.

Talk to our teamTalk to our team

Share this article:
  • Navigating the PCI DSS 4.0 transition and meeting compliance with phishing-resistant YubiKeysIn just a few days, on March 31, 2025, decision makers in industries that involve payment processing – including financial services, retail & hospitality and telecommunications – are tasked to finalize the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0. This deadline marks a critical juncture for all organizations handling payment card […]Read moreNISTPCI DSSPCI DSS 4.0
  • Building cyber resilience with Yubico and MicrosoftIn today’s digital landscape, cyber threats are evolving at an unprecedented pace: every second, a phishing attack takes place. In fact, over 80% of these attacks are the result of stolen login credentials and almost 70% of phishing attacks relied on AI last year alone. Recent data from Microsoft Entra also reveals a staggering increase […]Read moreMFA mandatesMicrosoft
  • Yubico’s commitment to innovation: Phishing-resistance as a cornerstone for cyber resilienceAs phishing attacks have reached an unprecedented level of frequency and sophistication, enterprises must prioritize authentication that is phishing-resistant – regardless of the business scenario, platform or device users are working with. This is why Yubico prioritizes consistent product innovations that deliver on our customer’s needs for modern, phishing-resistant authentication solutions that enable businesses to […]Read more
  • CEO Corner: Wrapping up a strong year, and looking ahead to 2025 and beyondIt’s no secret that 2024 was a big year of growth for Yubico, highlighted across many notable achievements by our team and increasing demand from our customers. As discussed in my previous post, following a transformative year driven by key cybersecurity trends like passkeys and AI, the year culminated in the significant step of Yubico […]Read moreCEOEarningsMattias Danielsson