Okta and Yubico
Combining strong multi-factor authentication solutions with adaptive access management solutions for enhanced levels of protection. Together Okta and Yubico provide authentication that is contextual, convenient, and comprehensive.

Okta Adaptive MFA and YubiKey deliver the right authentication for every situation, when you need it and where you need it
Create intelligent policies that adapt the level of identity assurance all the way up to hardware-based authentication for stronger levels of protection. No matter the device, user or login context, Okta Adaptive MFA and YubiKey together deliver a more reliable, compatible, and modern approach to strong authentication.
Stronger together
Strong, phishing-resistant authentication for everyone
Protect all users, from entry-level to executive, with robust and reliable authentication they can trust. Safeguard users from phishing and eliminate account takeovers with strong authentication combining contextual software with hardware-backed security. Combining the might of Okta’s Adaptive MFA with Yubico’s range of YubiKeys provides a strength-in-depth approach to authentication that enterprises can count on.

Contextual
The right authentication for every situation
Every user needs to be identified, but not every service carries the same risk of data loss or account takeover. Okta’s Adaptive MFA tailors the authentication measures to each application, requiring strong authentication for the most critical services.
Intelligent policies can require admins accessing sensitive data such as PII to authenticate using YubiKey’s phishing-resistant modern authentication protocols such as FIDO2/WebAuthn. YubiKeys can act as the primary, step-up, or back-up authentication method to ensure secure access in every situation.

Convenient
Easy-to-use and always-on authentication
Users need a way to identify themselves and to access systems from a wide range of devices in different circumstances. The authentication flow must be familiar, intuitive, and reliable.
That’s why Okta and Yubico have partnered to provide a layered identity and access management process that works across devices and platforms. YubiKeys are battery-free and can work offline allowing for always-on authentication that supports FIDO2/WebAuthn standards and can even be used as a PIV-compatible smartcard. With a YubiKey as the portable root of trust, users will always have access to the data and applications they need, even if their device is lost or stolen and needs to be replaced. A portable root of trust enables for fast on-boarding of a new device and establishing it as a trusted device to access the user’s services.

Comprehensive
Every device, every app, every protocol
Every user needs to be identified, but not every service carries the same risk of data loss or account takeover. Okta’s Adaptive MFA tailors the authentication measures to each application, requiring strong authentication for the most critical services.
Intelligent policies can require admins accessing sensitive data such as PII to authenticate using YubiKey’s phishing-resistant modern authentication protocols such as FIDO2/WebAuthn. YubiKeys can act as the primary, step-up, or back-up authentication method to ensure secure access in every situation.
“Together, we are stepping up security to ensure only the right people have access to the right data, at the right time.”
Learn more about Okta and Yubico
Okta and Yubico—contextual, convenient, and comprehensive
Thousands of companies and millions of end-users use YubiKey to simplify and secure logins to computers, internet services, and mobile apps. Our customers include 9 of the top 10 internet companies, 3 of the 5 leading financial and retail companies, and several of the largest governmental entities around the world.
Hear what Yubico and Okta’s customers are saying

Spotlight case study: Figma
“The nice thing about the Okta and YubiKey combination is the flexible configuration options it provides. We started small, requiring FIDO2 on only a few applications, but very quickly we expanded to all applications for employees in critical risk functions.”
