YubiKey is trusted by millions of users at small, medium, and large businesses — including 9 of the top 10 internet companies.
With just one YubiKey, your users can log in to their computer, log in using PIV, access remote desktops, log in to Salesforce.com, use GSuite, protect GitHub repositories, access Dropbox — and many more enterprise applications.
Use the following table to determine which functions are required to satisfy your business requirements.
Functions by Business Requirement
|Smart Card Login CCID/PIV||One-Time Password (OTP)||Challenge-Response (C/R)||Static Password||FIDO Universal 2nd Factor Authentication (U2F)|
Definition of functions:
Smart Card Login CCID/PIV: Smart cards contain a computer chip that brokers data exchanges. These same features are contained in YubiKey 4 and YubiKey NEO, based on the industry standard Personal Identity and Verification Card (PIV) interface over the CCID protocol, which supports PIV on a USB interface.
One-Time Password (OTP): The YubiKey generates an encrypted password that can only be used once. Hackers require physical access of your YubiKey to generate the OTP. This feature is available on every YubiKey except the U2F Security Key. Note that HOTP is supported out of the box; TOTP is supported with a secondary application, the Yubico Authenticator application.
Challenge-Response (C/R): The Challenge-Response method is best suited for offline validations. Use for Windows, Mac OS X, and Linux computer login. The C/R feature is available on every version of YubiKey except the U2F Security Key.
Static Password: A basic YubiKey feature that generates a 38-character static password compatible with any application login. It is most-often used with legacy systems that cannot be retrofitted to enable other 2nd factor authentication schemes, such as pre-boot login. Static password is available on every version of YubiKey except the U2F Security Key.
FIDO Universal 2nd Factor Authentication (U2F): An emerging standard from the FIDO Alliance for applying two-factor authentication to any number of web-based applications, such as Gmail. Works via the browser, Chrome today, Firefox under development) and does not require any drivers. Does not require any client software or drivers.
Contact sales to talk about your use cases and volume pricing.