Why YubiKey Wins

November 22, 2015 3 minute read

When we ask our customers why they chose the YubiKey, the most common answer is ease-of-use.

If you get a job at one of the large internet companies here in Silicon Valley, you are likely to also get a laptop with a YubiKey inside the USB port. But you may not know it’s a YubiKey. I learned that from someone I met at the local train station while waiting for the train to San Francisco. He was carrying his laptop under his arm, and I noticed the rounded golden edge in the USB port. When I thanked him for being a customer, he looked surprised; “Oh, I did not know. I thought it was the new Apple touch feature for the new Mac!” I am sure the YubiKey smiled after these words — there are not many authenticators out there that have been mistaken for an Apple product!

Some time ago, Facebook posted a video on YouTube sharing how they used YubiKeys, and why no other authentication technology matches its simplicity and speed for multiple login sessions.

After Google deployed U2F-powered YubiKeys for all staff, and provided support for Gmail users, their statistics showed that the login process was four times faster compared to Google Authenticator (their mobile authentication app). The process of picking up a phone, opening an app, and re-typing a code — not only is time-consuming but error-prone. With YubiKey, it’s just a simple touch.

However, the main reason Google deployed U2F-powered YubiKeys is security. One in fifty emails that land in your Gmail inbox is a phishing attempt. Although sophisticated spam filters block most of them, it is still difficult to stop individually-customized phishing emails, even with the one-time password from Google Authenticator. With U2F and public key crypto, Google has measured significant fraud reduction.

U2F also enabled Google to cut support by 40% compared to Google Authenticator. There may be a perception that paid hardware is more costly to deploy than free software. But when the industry-average cost for recovery support is approximately $30 per ticket, the reality can be different. With backup YubiKeys on a keychain, in a wallet and the USB port, users submit fewer support tickets and are at lower risk of being locked out than those who rely on a single phone app.

Many of our customers value that we allow them to easily program and fully control their own YubiKey secrets. Others like that one single YubiKey can be used with the range of authentication and cryptographic protocols. All like that YubiKeys are water- and crush-resistant (as demonstrated in the picture above). To learn more about the security, usability, and cost benefits of the YubiKey compared to other authentication technologies, see our  chart: Why YubiKey Wins.

There may not be a silver bullet for strong authentication, but the YubiKey is getting close.

Share this article:

Recommended content

Celebrating 5 impressive women in tech for International Women's Day

As Yubico’s CEO and Founder, I’m often asked about the challenges of being a female entrepreneur. My best piece of advice to other aspiring entrepreneurs - women or men - is that you will face a lot of push backs and challenges, so you better love what you do and truly believe in it – to enjoy the journey and keep going!

Secure Manufacturing

Made in Sweden & USA Yubico is a Swedish company that owns subsidiaries in the USA, UK and Germany. We strongly believe there are security and privacy benefits for our customers by manufacturing and programming our products in Sweden and the USA. To ensure that we are very close to all aspects of manufacturing, we ...

Yubico for Free Speech

YubiKey protection for at-risk individuals Voices we support with security Organizations we support Join the Yubico for Free Speech Program If you are with a nonprofit organization that values free speech and defending human rights, and you are interested in protecting yourself or others online, please apply to join our Yubico for Free Speech Program. ...

Archives 2020

2020 Archives