Yubico’s web service for verifying one time passwords (OTPs)

Strong two-factor validation for any IT system and online service

Strong security

YubiKey secrets protected with YubiHSM Hardware Security Module.

Business continuity

Redundant service with locations on multiple continents.

Fast protection

Free and easy web API integration in less than an hour.

How YubiCloud works

Get started with free web APIs for fast and easy integration of YubiCloud into services and IT systems. You can also easily access paid support and SLAs for a smoother experience all round.

Five YubiCloud OTP validation servers are located around the world, distributed and synchronized to ensure that there is no single point of failure and that your business continuity is assured.

Check the status of YubiCloud, anytime, anywhere

YubiKey Authentication Module

YubiKey authentication modules are developed to add YubiKey two-factor authentication to server-side applications. 

The YubiKey Authentication Module can validate the OTP against either its own Validation Server or against the Yubico Online Validation Service. 

Organizations can decide which model works best for their application. The main benefit with your own server is that you are in full control over all AES keys programmed into the YubiKeys. 

The main benefit of using the Yubico online Validation Service is that the YubiKeys are already ready to use with the Online Validation Service out of the box (no additional handling needed). It also enables users that already have a YubiKey to sign up for your service.

Integration best practices

Add YubiKey authentication to server-side applications

Download to get started

YubiKey module design guideline document

Design and develop a comprehensive and configurable YubiKey authentication module for server-side applications. 

Gain insights and recommendations on how the module should be implemented, administered and maintained.

The growing popularity and adoption of the YubiKey has resulted in a number of partner enterprise solutions and open source projects offering server-side YubiKey modules for two-factor authentication. 

Use a set of industry best practices guidelines that will help you experience a smooth deployment, management, authentication and recovery capabilities offered by the array of server side modules available today. 


  • YubiKey Hardware
  • YubiCloud or own validation server

Read more about Yubico OTP on our developers site