One key. Two form factors. The Standard and Nano deliver a one-time passcode (OTP) with a simple touch of a button. No SMS-like passcodes to retype from one device to another. Our most basic YubiKey identifies itself as an external keyboard, which eliminates the need for client software or drivers. The nearly indestructible key holds tight onto its secrets, and its design ensures it will never be a vector for viruses or malware, just like the rest of our YubiKeys.
- 128-bit AES encryption
- Option to program own secrets
- Works on Windows, Mac OS X, Linux operating systems; Firefox, Chrome and other browsers
- Waterproof, crush safe, no battery (ask us about the dog that ate our YubiKey!)
- Multiple configurations: including OATH, Challenge-Response
- YubiKey Standard attaches to your keychain alongside your house and car keys; YubiKey Nano fits conveniently inside the USB port
- Lowest total cost of ownership for strong two-factor authentication
Where you can use YubiKey
The YubiKey can be used for securing access to a wide range of applications, including remote access and VPN, password managers, computer login, Gmail login, content management systems, popular online services, and much more. Find out more about the range of open source and enterprise solutions on our YubiKey for Business and YubiKey for Individuals pages.
How it works
Two-factor authentication is becoming the go-to technology for protecting your applications and accounts from the epidemic of password thefts. YubiKey thwarts hackers with a unique hardware device that plugs into a USB port. Elegant in design, simple in operation.
The YubiKey is a second authentication method based on a unique physical token which cannot be duplicated or recorded, providing a credential based on something only an authorized user possesses. Used with a standard username and password, the YubiKey provides strong, two-factor authentication to any site, service or application.
Any System, Any OS
Any computer which can use a USB keyboard can also use the YubiKey, regardless of the computer hardware, operating system or system drivers. The YubiKey AES Key information can never be extracted from a YubiKey device – only programmed to it. Further, only the YubiKey security-related codes are directly read from the YubiKey when in use. No transfer of non-security related data means the YubiKey will never be a vector for viruses, Trojans, or other malware.
Durable, Rugged, Secure
The YubiKey hardware itself consists of injection-molded plastic encasing the circuitry which makes up the YubiKey, while the exposed elements consist of military-grade hardened gold. The YubiKey does not contain an internal battery or any moving parts – meaning that a YubiKey will never stop functioning due to lack of power, mechanical issues, or internal damage due to exposure.
The YubiKey Standard and YubiKey Nano have been granted FIPS 140-2 certification (#2267), validating that the design and security functionality meets the highest security standard.
Integrate YubiKey Support
Learn how you can add YubiKey authentication to your site or service at our developer site.
Start your YubiKey
If you already have a YubiKey, you can try it out here with the Yubico validation service.