User-friendly, secure authentication
The industry's leading security key for secure two-factor, multifactor and passwordless authentication.
Security keys without phishing risk
Stop account takeovers and prevent data breaches with FIDO-based security that defends against man-in-the-middle attacks.
Easier and more secure than authenticator apps
No need to pick up your smartphone or re-enter passcodes. Just plug in your YubiKey and type. The rest is done for you.
Works with hundreds of services
The YubiKey works with Windows and Mac, Gmail, Dropbox, Facebook, Salesforce, Duo and many more services.
Table of Contents
YubiKey 5 Series
The YubiKeys 5 Series eliminates account hijacking by effectively securing legacy and modern systems against phishing attacks through its MFA multi-protocol capabilities. The 5 Series provides all industry-relevant protocols needed for strong two-factor, multi-factor, passwordless authentication and seamless touch-to-sign.
YubiKey 5 Series
Security key series
Yubico's security key series combines hardware-based authentication with public key cryptography and U2F and FIDO2 protocols to eliminate account takeovers.
YubiKey 5 FIPS Series
The FIPS-certified YubiKey security keys meet the highest security level (AAL3) of the new NIST SP800-63B recommendations.
YubiKey Bio - In a nutshell
The YubiKey Bio is a hardware authenticator with fingerprint recognition.
Why YubiKey?
Your key for fast, secure login. Stop phishing and protect your online accounts with YubiKey's two-factor and passwordless authentication. Millions of enthusiastic users in 160 countries.
Ultra-safe
Zero known account takeovers in 11 years. The physical key must be used by a human and cannot be hacked remotely.
Fast and reliable
One-tap login, no download, no batteries, and durable and waterproof. Made in Sweden and California.
One key, many advantages
One key to access hundreds of popular websites. No user or security information is shared between services, so your data is protected.
The authentication challenge
Data breaches, phishing and billions of stolen credentials
The internet was designed for sharing information, not for high security. As it has evolved and grown to become an essential part of our everyday lives, so has the number of fraudsters. Currently, 18 million credentials fall into the wrong hands every day.
Passwords are becoming more and more complex
We simply cannot remember multiple complex passwords. Sometimes we also sacrifice security by simplifying passwords or using them over and over again.
Mobile authenticators cannot prevent phishing
For more security, we were then asked to use two-factor authentication (2FA) such as mobile authenticators and SMS. But it turned out that these are slow and do not prevent the theft of your credentials through modern phishing attacks.
Authentication without compromise
Stop account takeovers, enable passwordless access and modernise your multi-factor authentication. Get YubiKey for outstanding security, ease of use and return on investment.
The biggest security problem: stolen credentials
Corporate security budgets are getting bigger, but at the same time security breaches are also on the rise
Although global spending on corporate security now exceeds $100 billion per year, the number of security breaches is increasing, not decreasing.
Knowing what matters most
Less than 10 % of budgets are spent on preventing credentials from being shared illegally, even though more than 80 % of all security breaches are due to this.
Simple 2FA is vulnerable... and cumbersome
Authentication software or security codes downloaded onto a computer or phone are vulnerable to modern phishing and man-in-the-middle (MITM) attacks. Manually entering a code from one device on another is time-consuming and error-prone.
The YubiKey is the solution
Proven in many places
Thousands of businesses and millions of end users use YubiKey to simplify and secure access to computers, internet services and mobile apps. Our customers include 9 of the top 10 internet companies, 3 of the top 5 financial and retail companies, and several of the largest government agencies around the world.
Groundbreaking global standards
The first YubiKey was released in 2008. The vision, inspired by the term "ubiquity", was to protect all online accounts with one security key. Our founders moved from Sweden to Silicon Valley to introduce a new global security standard that is now supported by all leading platforms and browsers.
Secure access with YubiKey
Computer
Insert your YubiKey and touch it.
Mobile devices
Just tap on it.
For particularly security-conscious organisations
For compliance Regulatory-approved strong two-factor and multifactor authentication
State approved
Meets FIPS 140-2 certification requirements as well as the highest security level (AAL3) of the new NIST SP800-63B recommendations.
Complies with US Department of Defence regulations
Meets DFARS requirements for strong authentication and is the only hardware authenticator that meets US Department of Defense contractor security requirements.
Secure personal data and payments
Secures access to personal data according to DSGVO. Yubico and FIDO play active roles in the PSD2 framework with proven technology.
Preventing account transfers
The YubiKey offers excellent protection thanks to the combination of hardware-based authentication and public key cryptography. It can thus effectively ward off phishing and account takeovers.
Simple, fast and reliable
YubiKey authentication is four times faster than entering a one-time passcode. You authenticate simply by touch.
Lower IT operating costs
The YubiKey is proven to reduce password support cases by 92 % and reduce IT support costs.
Secure authentication for compliance requirements
Smart Card/PIV
Out-of-the-box native integration for the Microsoft environment with smart card/PIV functionality based on NIST SP 800-73 specification.
FIDO2 & FIDO U2F
Secure two-factor authentication with public-key cryptography to protect against phishing, session hijacking, man-in-the-middle and malware attacks.
One-time passcodes
Integrate Yubico OTP natively with the free YubiCloud authentication service, or program unique TOTP or HOTP secrets.
Duke University protects critical IT systems with YubiKey Duke protects users from phishing, keyloggers and weak passwords with the push of a button.
Cloud-based hosting provider secures virtual machine keys with YubiHSM 2
CERN uses YubiKeys to protect administrator accounts and server access. CERN protects critical resources by easily integrating systems to provide one-touch protection.
EN 
DE