YubiKey
Multi-factor authentication (MFA) software
Biometric authentication software
Passwordless authentication software
Identity management software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if YubiKey and its alternatives fit your requirements.
$29 per single key
Free Trial unavailableFree version unavailable
Small
Medium
Large
- Professional services (engineering, legal, consulting, etc.)
- Energy and utilities
- Information technology and software
What is YubiKey
YubiKey is a hardware security key used to perform strong multi-factor authentication and enable passwordless sign-in using standards such as FIDO2/WebAuthn and U2F. It is typically deployed by IT and security teams to protect workforce access to operating systems, VPNs, cloud applications, and developer/admin accounts. The product differentiates through phishing-resistant authentication based on public-key cryptography and support for multiple protocols (e.g., FIDO, smart card/PIV, and OTP) depending on model and configuration. YubiKey is commonly used as a second factor, a primary passwordless factor, or a recovery method for high-risk accounts.
Phishing-resistant authentication
YubiKey supports FIDO2/WebAuthn and U2F, which are designed to prevent credential replay and reduce susceptibility to phishing compared with one-time codes. Authentication relies on cryptographic keys stored on the device rather than shared secrets. This makes it well-suited for protecting privileged users and high-value SaaS accounts where account takeover risk is high.
Broad protocol and platform support
Depending on the model, YubiKey supports multiple authentication methods, including FIDO, smart card/PIV, and OTP, which helps organizations integrate with a range of identity providers and legacy systems. It works across common desktop and mobile platforms using USB-A/USB-C, NFC, or Lightning variants. This flexibility can reduce the need to run separate authenticators for different application types.
Offline-capable hardware factor
Because the authenticator is a physical device, it can be used in environments where phones are restricted or where cellular connectivity is unreliable. It does not require installing a mobile app for core FIDO-based flows, which can simplify deployment for certain user groups. Hardware-based possession also provides a clear control for issuing, inventorying, and revoking access factors.
Physical logistics and lifecycle overhead
Organizations must purchase, distribute, and manage physical keys, including spares and replacements for lost or damaged devices. This introduces inventory, shipping, and help-desk processes that software-only authenticators may avoid. User experience can also be impacted when a key is forgotten or unavailable during travel.
Not a full identity platform
YubiKey provides the authenticator, but it does not replace an identity provider or customer identity platform that manages user directories, policies, and application integrations end-to-end. Many deployments still require an external IAM/SSO system to enforce conditional access, risk-based policies, and user lifecycle management. As a result, it is typically one component within a broader identity architecture.
Biometrics depend on model
Biometric authentication is only available on specific YubiKey Bio models and is not inherent to all YubiKey devices. Even with biometric keys, the biometric match occurs on the device and primarily serves as local user verification for FIDO flows, not as an enterprise biometric identity proofing system. Organizations seeking biometric enrollment, liveness checks, or identity verification workflows generally need additional products and processes.
Plan & Pricing
| Plan / SKU | Price (USD) | Key features & notes |
|---|---|---|
| Security Key NFC (USB-A, FIDO-only) | $29 (single) | Low-cost FIDO2/WebAuthn & U2F security key. Bulk: tray of 50 listed ($1,450). Bulk discounts: 4% (50-199), 6% (200+). |
| YubiKey 5 NFC (USB-A, multi-protocol) | $58 (single) | Multi-protocol (FIDO2, U2F, OTP, OATH, PIV, OpenPGP). Bulk trays available (e.g., tray of 50 listed $2,900). |
| YubiKey 5C NFC (USB-C, multi-protocol) | $58 (single) | USB-C + NFC variant of YubiKey 5 Series. |
| YubiKey 5C (USB-C, multi-protocol) | $65 (single) | USB-C multi-protocol YubiKey 5 Series. |
| YubiKey 5 Nano / 5C Nano (nano form-factors) | $68 (single) | Nano form-factor for in-device retention; multi-protocol. |
| YubiKey 5Ci (USB-C + Lightning) | $85 (single) | Multi-protocol with Lightning connector for Apple devices. |
| YubiKey Bio (Biometric, FIDO only) | $98 (single) | Biometric (fingerprint) FIDO-only key; available in USB-A and USB-C variants. |
| YubiKey 5 NFC FIPS (single / trays) | $88 (single listed on FIPS page) / FIPS trays (e.g., $4,000+) | FIPS 140-2 validated variants for regulated/gov use; enterprise options and FIPS 140-3 roadmap noted. |
| YubiKey as a Service (YubiEnterprise / subscription tiers) | Contact sales / not listed publicly | Subscription offering (Base / Advanced / Compliance tiers) — described as “less than a cup of coffee per user, per month” on vendor site; requires sales contact for exact pricing. |
Notes: Prices above are vendor-listed retail single-unit prices shown on Yubico’s official store/product pages (US site) and selected tray/bulk listings. Bulk discounts and tray pricing are explicitly shown on product pages. Prices are one-time purchase amounts for hardware keys unless obtained through YubiKey as a Service (subscription) which requires contacting sales.
Seller details
Yubico AB
Stockholm, Sweden
2007
Private
https://www.yubico.com/
https://x.com/Yubico
https://www.linkedin.com/company/yubico/
