Why YubiKey wins

Strong authentication. Easy to use. Low cost.
YubiKey
FIDO U2FSmart CardPGPOTPSmart CardOTP TokenPhoneTPM
Security
New passcodes for every login, significantly stronger than static passwordsXXXXXXXX
6-32 character one-time password, including time variant codeX
Public key crypto, hardened against phishing & man-in-the-middle attacksXXXXX
No cryptographic secrets stored or hosted by vendor*XXXX
User presence touch sensor, verifying that the user is human, not malwareXXXXX
Transparency on server software, open for scrutinyXXXX
Hardware protection of keys in secure elementXXXXXX
Usability
Fast “one-touch” authentication processXXXXX
No card reader neededXXXXXXX
No driver or client software neededXXXX
One device to any number of independent services, without federationX
No user identity required or shared, to preserve privacyX
No time synchronization issuesXXXXXXX
Portable between all computer platformsXXXX
Works with NFC devices, excluding iOSXXXX
Works with iOS devices**XX
No batteriesXXXXX
Waterproof and crush-resistantXXXX
Integrates seamlessly with computer, yet can still be removedXXXX
No need for extra hardware besides your computer and phoneXX
Authenticator fits nicely both on your keychain and in your walletXXXX
Works for users with limited visionXXXXXXX
Multiple affordable backups, minimizes risk of being locked outXXXXX
Cost
Offered with free, open-source servers and programming toolsXXXX
Multiple authentication and cryptographic protocols on one deviceXXXX
Easy for customer to program own secrets, at no or low costXXXX
Users can purchase their own authenticatorsXXXXX
Weighs less than a credit card, ships with standard postageXXXXX
End-user self-service provisioningXX
Low-cost HSM for securing OTP secretsX
Multiple backups minimizes recovery support costsXXXX

Read more about why YubiKey beats other methods on our blog post.

* No cryptographic secrets stored or hosted by vendor

Yubico offers an optional authentication service, YubiCloud, for hosting OTP secrets.

** Works with iOS devices

The YubiKey is often used in combination with a phone authenticator, or the computer with YubiKey bootstraps the phone (Gmail, LastPass, etc).

YubiKey for business, personal use, developers

The YubiKey is used by businesses to secure G Suite, Windows Login, Dropbox for Business, Salesforce.com, Open PGP encryption, password management, development platforms, and much more, plus the YubiHSM secures secrets on servers. Find out more about YubiKey for Business.

People use the YubiKey to secure their personal accounts on Google (Gmail, G Suite, YouTube, Blogger), Dropbox, GitHub, password managers, and many other applications that use two-factor authentication. Find out more about YubiKey for Personal Use.

Developers can integrate two-factor authentication in minutes using our free open source software. Find out more about YubiKey for Developers.

Find out more and compare YubiKeys.