YubiKey NEO Updates

Yubico Team

Yubico Team

2 minute read

UPDATE: YubiKeys with serial numbers 2624253 to 2624449 and 2624801 to 2625499 are also not configured with fixed card manager keys.

Our YubiKey NEO, is a JavaCard-based product. The NEO has a set of card manager keys that allows you to delete/add/update the software “applets” running on the NEO, through the Global Platform interface.

We launched the YubiKey NEO as a “Developer Edition”, and as such, the card manager keys were set to a single value to facilitate development.

For production use we don’t recommend this, since anything you can do is also something an attacker can do, thus potentially achieving a denial of service of your NEO by (for example) removing all applets on it. (Note that the card manager keys does not give anyone the ability to extract secrets, that’s by design never possible.) As the Yubico applets have now reached a reasonable level of maturity, we are proactively changing our processes around card manager keys. The YubiKey NEOs that have shipped from July 1st 2014, starting with serial number 3,000,000, are no longer configured with the fixed card manager keys.

What does this mean if you are an existing YubiKey NEO customer? If you are concerned with someone else modifying the software on your NEO we recommend that you change the card manager keys. Global Platform can be used to change the card manager keys.

Initially we targeted YubiKey NEO towards early adopters and developers; now the majority of our customers are moving to production deployment and require production devices. What does this mean if you want to develop applets for the YubiKey NEO? We are setting up a YubiKey NEO Developers program for you to order YubiKey NEO “Developer Edition” that come with the known card manager keys, so you can load and delete applets as you wish, and services for Yubico to load your applets onto production YubiKey NEO for your customers. We will announce the launch of the YubiKey NEO Developer program here and on our social media channels.

We are improving the way we set-up the OpenPGP applet on YubiKey NEO; from shipments made today, we now set the card serial number to be the same as the YubiKey laser etched serial number; that’s important if you have multiple YubiKey NEO. Secondly, we are shipping version 1.0.6 of the OpenPGP applet that works with GnuPG version 2.0.22+ and supports import of secret keys.

,
Talk to our teamTalk to our team

Share this article:
  • Mission matters – my reflections on winning the EY World Entrepreneur of the Year “This is the biggest mission any of the entrepreneurs have presented in this competition.”  I heard these words a few weeks ago from one of the judges for the EY World Entrepreneur of the Year award program – whom I had the honor to meet during the final step of the world’s largest entrepreneur competition.  […]Read moreawardsFounderStina Ehrensvard
  • Yubico recognized by TrustRadius 2025 Award for top customer reviewsAs AI-driven cyber threats like credential phishing evolve and grow in complexity, phishing-resistant YubiKeys are an important component toward cyber resilience — and our mission to make the internet more secure has never been more critical. To support this, customer feedback is something we take very seriously and is an invaluable tool to ensure we’re […]Read moreawardsTrustRadius
  • CEO Corner: Maintaining stable growth while navigating global uncertaintyAs we officially close out the first quarter of 2025,  I am pleased we saw a quarter with solid growth and profitability along with ongoing demand for phishing-resistant authentication. We continue to see new types of high-profile cyber attacks appearing regularly, and a major reason for the success of phishing attacks is stolen credentials. As […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Introducing the Yubico Academy: Enabling partners for a phishing-resistant futureAt Yubico, strong partnerships are fundamental to a more secure digital world. Our commitment goes beyond providing leading security keys; it’s about actively fostering the growth of our valued partners through impactful enablement programs. A cornerstone is the Yubico Academy, featuring our comprehensive certification program.  This program enables our partners’ teams to become Yubico experts, […]Read more