YubiKey comes to the iPhone with Mobile SDK for iOS and LastPass support

May 22, 2018 4 minute read

It’s a question that we receive often, ‘so how does the YubiKey work with iPhone?’ Until now, the answer to that question has been a bit unclear because of limited support for NFC in iOS. But today, we have a clear answer: YubiKey iOS support is here, now, with two exciting pieces of news.

For application developers, we are introducing a new Mobile SDK for iOS that allows any iOS mobile app to rapidly add support for hardware-based two-factor authentication (2FA) using YubiKey OTP over NFC. Second, LastPass, one of our longest and most prominent integrations, has released the latest version of its password management app with fully integrated support for the YubiKey NEO over NFC on iOS. This was completed using our Mobile SDK for iOS, but we’ll share more on this milestone a little later.

A user authenticates to their LastPass app on iPhone using a YubiKey NEO over near field communication (NFC).

The launch of iOS 11 last year saw Apple provide support for NFC tag reading, which allowed developers to build apps with one-time passcode (OTP) support. Given that the YubiKey NEO can generate an OTP and send it to the requesting app via NFC, it became possible to authenticate with Yubico one-time password (Yubico OTP) with a YubiKey NEO — a feature requested by many YubiKey users. However, documentation and reference code for developers to add this support to applications was lacking and unnecessarily complicated.

To help mobile application developers simplify rollouts and deliver on this functionality, Yubico created the Mobile SDK for iOS. It’s available now for download and is also part of the Yubico Developer Program mobile track, and provides developers all the necessary tools to rapidly up-level their iOS mobile app security with Yubico OTP.

By introducing YubiKey hardware-based authentication via NFC to iPhone applications, users no longer need to toggle between apps and temporarily memorize a throw away code before it expires. Now users can just tap the YubiKey to authenticate, which is four times faster than typing in an OTP! Not to mention, users and app developers no longer have to run the risk of potential security and reliability issues by relying on SMS or mobile authentication.

LastPass iOS App Supports Yubico OTP via NFC
The LastPass password manager remains one of the most popular YubiKey integrations for Yubico OTP, and the application has supported NFC on Android devices for many years.

Today, LastPass is the very first password manager application on iOS to enhance its security with Yubico OTP authentication through NFC. This means that LastPass users with iPhone 7 or above, running iOS 11 and above, can now authenticate to their LastPass Premium, Families, Teams, or Enterprise accounts on their mobile device with the same YubiKey NEO that they use for their desktop or laptop. Users will touch the YubiKey NEO to the iPhone to wirelessly transfer a Yubico OTP and securely authenticate to the application

“LastPass has long supported YubiKey as a multi-factor authentication option for adding an extra layer of security to LastPass accounts and values the partnership we have with the Yubico team,” said Akos Putz, Principal Product Manager for LastPass at LogMeIn. “With the new mobile SDK for iOS, our customers now benefit from the strength and security of hardware-backed YubiKey 2FA with the support for our iOS app.”

For current LastPass users, the iOS application will receive an automatic update (version 4.2.7) via the App Store and you can set up YubiKey in your account settings. If you’re an iPhone user, you can download the latest version of LastPass here and for further instructions on setup, visit here.

We applaud LastPass for supporting this milestone leap in YubiKey mobile app authentication for iPhones and iOS. With this announcement, the YubiKey now provides simple and secure authentication for all leading mobile platforms including Android, Windows mobile, and iOS. Find out more about our new Mobile SDK for iOS here.

UPDATE (09/25/18): LastPass also supports the YubiKey 5 NFC over NFC for iOS. Read their announcement here.

Share this article:

Recommended content

What is Strong Authentication

Strong Authentication Definition Strong authentication is a way of safely and reliably confirming user identity. Multi-factor authentication (MFA) is one of the best options to establish trust with users, but actual strong authentication goes beyond MFA or two-factor authentication (2FA). When implementing MFA, at a minimum, follow the National Institute for Standards and Technology (NIST) ...


Yubico research reveals that cybersecurity best practices, including password protection, and employee training in the UK, France, and Germany are lackluster with the proliferation of employees working from home

We all know there have been major paradigm shifts in the workplace caused by the pandemic. With the explosion of working from home (WFH), millions of employees now call their basements and bedrooms home offices. Security professionals scrambled to put together employee onboarding and authentication protocols that met new cybersecurity requirements for remote employees. Over ...


Figma implements strong security for all its employees with Okta and the YubiKey

About our customer Figma Sources


SANS 2021 Password Management and Two-Factor Authentication Methods Survey

Read this report to learn about password management and the types of MFA solutions being used in industries