Earlier this year we announced the upcoming release of Yubico Authenticator 6, the next version of our YubiKey authentication and configuration app. We released a beta version, first for desktop, and then for Android, and we solicited your feedback. We got plenty of it, and have been busy incorporating a lot of it into the app, along with getting things ready for prime time.
Now, we’re ready to show Yubico Authenticator 6 to the world, and recommend all our users to update to the new version! If you’re eager to download, you can scroll down directly to the bottom of the page for a direct link. Our newest version adds a layer of security for your online accounts that require Time-based One-Time Passwords (TOTP). As the safest authenticator app across both mobile and desktop, you’re able to store your credentials on your YubiKey and not on your mobile phone, so that your secrets cannot be compromised.
More than just a new coat of paint
Our main focus with this version has been to make sure our users can upgrade and still be able to do the same things with it as before, while setting the groundwork for better YubiKey management in the future. This is part of a broad and important effort to improve Yubico Authenticator across all platforms. Some things may have moved around a bit, or work in a slightly different way, but for the most part it should feel familiar. You can still scan QR codes, add new TOTP credentials, and use them to log in to various sites.
On desktop, you can still manage your FIDO PIN and credentials, as well as your fingerprints in the case of YubiKey Bio. Some new features are available for the app including native ARM support for MacOS, a smoother elevation to Administrator experience for Windows, and the ability to automatically copy a Yubico OTP to clipboard from NFC tap on Android (just to name a few). This is only the tip of the iceberg, as the bulk of the work for this release is in what’s below the surface.
Almost every part of the app has been rewritten for this new version. We now use a new UI framework (Flutter) to implement the user interface which has brought quality improvements and increased our development velocity. We’ve created a new architecture which serves as the foundation of the new app, suited for current and future needs (we have a lot more we want to do!). We’ve also consolidated our desktop and Android code bases to be able to share more common code between them, allowing us to keep the apps better in sync and deliver new features more rapidly.
Just as with the older version of the app, the new one is released as Open Source. Because we’ve combined the codebases for our desktop and Android versions we’ve had to make some small changes to our source code repository layouts. The old Android app repository has been archived, making it read only. The desktop repository will contain the code for both these going forward, and has been renamed to better suit this purpose, from yubioath-desktop to yubioath-flutter. You can find the repository on GitHub, just as before.
Built using our Open Source SDKs and libraries
One of the foundational pieces for Yubico Authenticator on desktop is the YubiKey Manager command line tool (usually referred to as ‘ykman’). To support this new app we also needed to improve the library aspects of ykman, which resulted in the release of ykman 5.0. Aside from being beneficial for use in Yubico Authenticator 6, ykman also gained some new features of its own, including much better scripting capabilities. You can now create and run your own Python scripts to configure YubiKeys, and run them with ykman.
For more details, see the quickstart guide for scripting and be sure to also check out the example scripts we’ve included! These include samples for creating X509 certificates with custom extensions and attributes which are not available from the CLI interface, as well as provisioning multiple Yubico OTP credentials in sequence, outputting a CSV file which can be imported into a validation server.
Just as ykman is at the heart of the desktop version of Yubico Authenticator, our YubiKey SDK for Android fills this spot in our Android version. Much of the same functionality from ykman also exists in this SDK. If you’re a developer intending to support YubiKeys on Android, the SDK is a good place to start. Of course we’re not leaving our iPhone and iPad users out: we also recently released an updated version of the YubiKey SDK for iOS. This version recently added support for USB-C on iPads (requires iPadOS 16). The iOS and iPad OS app (version 1.7) was also recently published to the app store.
Where to get it
Ready to get the new app? You can find downloads and links to app stores here.