Why YubiKey Wins

November 22, 2015 3 minute read

When we ask our customers why they chose the YubiKey, the most common answer is ease-of-use.

If you get a job at one of the large internet companies here in Silicon Valley, you are likely to also get a laptop with a YubiKey inside the USB port. But you may not know it’s a YubiKey. I learned that from someone I met at the local train station while waiting for the train to San Francisco. He was carrying his laptop under his arm, and I noticed the rounded golden edge in the USB port. When I thanked him for being a customer, he looked surprised; “Oh, I did not know. I thought it was the new Apple touch feature for the new Mac!” I am sure the YubiKey smiled after these words — there are not many authenticators out there that have been mistaken for an Apple product!

Some time ago, Facebook posted a video on YouTube sharing how they used YubiKeys, and why no other authentication technology matches its simplicity and speed for multiple login sessions.

After Google deployed U2F-powered YubiKeys for all staff, and provided support for Gmail users, their statistics showed that the login process was four times faster compared to Google Authenticator (their mobile authentication app). The process of picking up a phone, opening an app, and re-typing a code — not only is time-consuming but error-prone. With YubiKey, it’s just a simple touch.

However, the main reason Google deployed U2F-powered YubiKeys is security. One in fifty emails that land in your Gmail inbox is a phishing attempt. Although sophisticated spam filters block most of them, it is still difficult to stop individually-customized phishing emails, even with the one-time password from Google Authenticator. With U2F and public key crypto, Google has measured significant fraud reduction.

U2F also enabled Google to cut support by 40% compared to Google Authenticator. There may be a perception that paid hardware is more costly to deploy than free software. But when the industry-average cost for recovery support is approximately $30 per ticket, the reality can be different. With backup YubiKeys on a keychain, in a wallet and the USB port, users submit fewer support tickets and are at lower risk of being locked out than those who rely on a single phone app.

Many of our customers value that we allow them to easily program and fully control their own YubiKey secrets. Others like that one single YubiKey can be used with the range of authentication and cryptographic protocols. All like that YubiKeys are water- and crush-resistant (as demonstrated in the picture above). To learn more about the security, usability, and cost benefits of the YubiKey compared to other authentication technologies, see our  chart: Why YubiKey Wins.

There may not be a silver bullet for strong authentication, but the YubiKey is getting close.

Share this article:

Recommended content

Accounting for the human element: A security tool that nobody wants to use is destined for the trash heap

To continue our effort to peel back the layers on the journey to passwordless, Yubico talked with former Navy intelligence officer and University of Tulsa professor, Sal Aurigemma, about his research in the behavioral information security field. Professor Aurigemma focuses on end-user experiences and adoption rates of authentication technologies. He regularly runs field experiments with ...

Cloud vs. On-Prem: Why opting for on-prem can cost you your next data breach

Most CISOs and IT teams spend their time asking themselves “when”, not “if”, they will be the next company to suffer a data breach. And rightfully so. The frequency of data breaches is skyrocketing, with no sign of slowing down.  To help quantify the problem, recent research from Canalys shows that there were more records ...

Find us at Oktane21 and discover how Okta and the YubiKey bridge enterprises to passwordless

Okta’s premier identity conference, Oktane21, is taking place virtually on April 6-8, and Yubico is once again a proud sponsor. This year, Yubico will highlight our continued partnership with Okta and showcase the YubiKey as the key to trust.  Okta Adaptive MFA and the phishing-resistant YubiKey allow organizations to quickly and securely deploy strong multi-factor ...

Yubico announces general availability of next-generation Android and iOS SDKs

Yubico is committed to enabling YubiKey integrations for all of our technology partners and enterprise customers with the least amount of friction and time-to-market as possible. With this goal in mind, we are very excited to announce the public general availability of our Android and iOS SDKs that went into public beta in December last ...