As generative and agentic AI continue amplifying the rise in phishing attacks globally, credential-based attacks are also evolving and becoming more sophisticated. Heading into a near year faced with new cyber threats and challenges, the need for truly phishing-resistant authentication is more critical than ever across all industries globally – especially as we near a post-quantum future.
To help organizations more easily adopt phishing-resistant YubiKeys, we’ve focused on turning urgency into action – building the infrastructure, processes, and integrations needed to make phishing‑resistant authentication practical for every user. This year the Works with YubiKey catalog continues to be the single, trusted source organizations rely on to find verified integrations that accelerate secure, scalable YubiKey deployments.
2025 partner wins that moved the security needle for our customers
Over the past year, we have significantly expanded verified integrations and strengthened deployment tooling. Our partner collaborations featured in the Works with YubiKey catalog have helped move organizations from pilot projects to enterprise-wide rollouts of hardware‑backed passkeys on YubiKeys, establishing them as a leading building block for resilient identity architecture. The catalog provides clear, repeatable paths for IT teams to adopt hardware-backed passkeys across web, mobile, and legacy systems.
- Eliminating the master password with Dashlane: Master passwords pose a single point of failure. To address this challenge, Dashlane added FIDO2 YubiKey support via WebAuthn PRF to enable passwordless, phishing‑resistant vault access, resulting in a stronger credential posture and a reduced attack surface for credential managers.
- Accelerating Zero Trust with Microsoft: YubiKeys provide enterprises with a simple, scalable path to meet rising authentication needs. This includes new future-ready integrations across Entra ID, Azure and Windows – enabling compliance with MFA enforcement using the highest assurance authentication and simplified deployment tooling.
- Yubico FIDO Pre‑reg with Okta: Manual enrollment of YubiKeys can slow mass deployments of YubiKeys across enterprises, so Yubico worked together with Okta to roll-out Yubico FIDO Pre‑reg to enable organizations streamlined management and deployment of pre‑registered YubiKeys with an IdP before issuance. More info.
- Identity Verification partnerships: Remote onboarding has created a trust gap between claimed identity and physical key issuance. In November 2025, Yubico worked with HYPR and Nametag to enable organizations to easily integrate verified identity into the secure provisioning, recovery, and lifecycle management of YubiKeys integrating with YubiKey as a Service – ensuring every key is issued to a verified user.
- GitLab developer protections: Developer accounts and commit signing have historically been high‑value supply‑chain targets. To address this, GitLab expanded guidance and support for hardware security keys for authentication and commit signing – enabling developer workflows to gain stronger provenance and reduced account‑takeover risk across CI/CD.
- Seamless credential management with Versasec: Versasec announced the integration of Yubico FIDO Pre-reg with Versasec vSEC:CMS and vSEC:CLOUD, enabling enterprises to enjoy full lifecycle management and streamline onboarding with delivery of pre-enrolled YubiKeys to end-users. This integration is designed to accelerate adoption of MFA and phishing-resistant, device-bound passkeys.
Featured listings
New listings
As Yubico continues adding key partners and collaborations in 2026, we remain committed to shifting the security conversation from “if” to “how fast.” As deployment tooling, verified integrations, and issuance controls mature, organizations that choose YubiKeys can expect shorter rollouts, fewer help‑desk tickets, and stronger protection for high‑risk accounts. Below are three practical priorities to guide your security decisions in the new year.
- Prioritize the gold standard: device-bound passkeys: Not all passkeys offer the same assurance. Only device-bound passkeys stored on hardware security keys like YubiKeys provide the highest assurance and remove the risks associated with cloud-synced passkeys.
- Drive full-scale, multi-platform deployment: Move beyond pilots to organization-wide coverage. The goal for 2026 is to ensure credential-based attacks no longer disrupt business operations and compliance is baked into every login. For partners, this means expanding platform support and building SDKs that enable FIDO2 security key support in mobile and native apps while leveraging native OS APIs as they mature. Use pre-enrollment and IDV-backed issuance to make rollouts faster and more secure.
- Advocate for open standards and community adoption: Promote FIDO2, WebAuthn, and OpenID across your ecosystem. Share, support, and join communities and industry initiatives to contribute to and learn implementation patterns, reduce friction for users, and raise the global security baseline. We’re in this together, and an open standards approach ensures our collective work makes for a safer tomorrow.
2026 can be the year organizations solidify a resilient, high‑assurance security posture. Make the Works with YubiKey catalog your go‑to resource and be sure to bookmark the catalog today to stay up-to-date on the latest.
The Works with YubiKey catalog highlights best practices for verified integrations and scalable deployment patterns, adopting device-bound passkeys, planning full-scale multi-platform deployments, and using pre-registration and identity-verified issuance to remove onboarding friction and fraud risk. Together, we can replace credential risk with hardware-backed assurance and make phishing-resistant security the standard at enterprise scale.
