YubiKey 5 NFC

I have used a YubiKey for authentication at work for the past 3 years and while reviewing hardware MFA security keys did quite a bit of research of the various keys out that and the compatibility of the key with different solutions including the ability to authenticate with Windows Hello login, using passkey instead of BIO authentication and this one is one of the few recommended. Additionally, I liked the idea of using it with my cell phone as well and have setup many sites to use passkey authentication including ones like "login.gov" which supports and advocates for passkeys. Tonight I took the YubiKey out of my laptop and authenticated to a web site I had previously setup from my laptop with my mobile phone. I chose "passkey" for authentication then placed the YubiKey against the back of my cell phone with my finger on the touch pad and it immediately authenticated and logged it successfully. Now I can key from both devices once a key pair is setup for a web site so completely portable. You do have to enable NFC from your phone as it is likely off by default. I would buy this again and it works better and is a much easier and more way to login (authenticate) than passwords which are easily compromised. If I knew it was this easy and worked so well before I would have bought it long ago as the FIDO 2 keys have been available for a long time, it is just that many people do not know much about them.

It's a yubikey, what's there to explain? It plugs into your usb-c port or can be used with NFC and supports a number of protocols to secure your digital life. No install required, easy to remove, and more functions than you'd think possible. An incredible value for digital denizens! I personally use it as a backup key to my primary one (the USB-C model) and actually find it a bit easier to insert and remove.

The Yubikey USB token is a game-changer for anyone serious about online security. This small device provides an incredibly simple and powerful layer of protection against phishing, hacking, and identity theft. Unlike two-factor authentication that relies on codes from your phone, the Yubikey uses public key cryptography, meaning even if a phisher gets your password, they can't access your account without physical possession of the key. What makes it so great is how effortlessly it works. You simply plug it into a USB port or tap it with your NFC-enabled device, touch the gold disk, and you’re instantly authenticated. There's no battery, no software to install, and no codes to type. The peace of mind this little device provides is priceless, securing everything from your email and social media to your password manager. It's an essential, robust, and user-friendly security upgrade that makes your digital life much safer.

Works exactly as described. Helps upgrade my security on a number of websites. Easy to setup and use.

NOTE: If you buy a YubiKey and don't know where to begin, search for the YubiKey Manager GUI from Yubico. There are numerous tools that work with YubiKeys, but some are outdated or overly complex. The manager has a simple, clean interface. In short, I think it's a really neat device, which can help improve your digital security, if you're willing to invest the time/energy to research it. I bet your identity is worth more than $45. Pros: * Very versatile, lots of features * Cutting edge security, WebAuthn is now a web standard (March 2019) * Backed by significant tech players * NFC wireless connectivity * Should work with most Android devices * Durable build Cons: * Documentation is limited and scattershot, you will need to teach yourself * More expensive than some alernatives * Limited FIDO2/WebAuthn support right now (April 2019) * Limited iOS/iPhone support right now * Many overlapping, confusing tools available * Only some functionality exposed in GUI tools, there is much, much more on command line and via APIs * No firmware upgrades * Can't backup or copy a YubiKey * Closed source, proprietary design -- no possibility of independent audits The documentation is admittedly scattershot, so here is a summary of what I've learned. Think of the YubiKey 5 NFC as having three separate, built-in apps: 1) FIDO, 2) CCID, 3) OTP. Each of these apps has multiple functions. --1) FIDO app-- * FIDO2: The newest standard, supported by most web browsers now, expect to see more websites transitioning to FIDO2/WebAuthn logins in the coming years. DropBox and Google are two notable websites that support it today. * U2F: The old pre-FIDO2 approach, partially supported by some browsers and websites. --2) CCID app-- * OATH: Install the Yubico Authenticator to configure this. Similar to Authy, Google Authenticator, etc. TOTP provides time-based one-time passwords, HOTP provides counter-based one-time passwords. More secure replacement for the SMS- and email-based 6-digit login codes you may be receiving now, if you have 2FA enabled on your accounts. * PIV smartcard: Can be configured for logging into some computers. * OpenPGP: Useful for email encryption, signature verification, SSH logins. --3) OTP app-- * You get two configurable slots, they can be: Yubico OTP, challenge-response, static password, or OATH-HOTP. To summarize, you get FIDO2, U2F, OATH, PIV, and OpenPGP apps out of the box, plus you can choose how to configure two *additional* slots to suit your needs. One of them is pre-configured with Yubico OTP, which requires internet access and registration with Yubico. The most useful feature to the average user will be the FIDO app, although currently (April 2019) there is almost nowhere to use it. Buying this today is like being on the bleeding edge, although Yubico contributed to the FIDO2 standards. WebAuthn means websites don't store passwords anymore (not even encrypted), and phishing becomes far more difficult, as your authenticator device is only associated with a single website. The idea is to use devices like the YubiKey, an optional PIN, as well as biometric data (fingerprints, iris scans, etc) to identify the user, instead of relying on a shared password. The YubiKey can store "unlimited" FIDO credentials. The second most useful feature is the OATH app. To use this, you must install the Yubico Authenticator app on your computer or mobile device. When you insert the YubiKey, you will see the list of one-time passwords. However, there is a limit of only 32 slots. NOTE: OATH-HOTP uses a counter and will eventually roll over, so it has limited uses, but TOTP is time-based and should work indefinitely. Equally useful is the static password option, which you can enable in an OTP slot. This lets the YubiKey "type" in a password on your computer, in many situations where other authentication isn't possible. For example, you can type your own easy-to-remember password, and then add the YubiKey static password at the end. This should work universally on devices supporting USB input. The other options are more specific and for the advanced or power user with some IT background. Configuring OpenPGP properly is not trivial, nor is it likely to be used by the average person. However, if you are in IT or need the added security, you can add your encryption, signing, and even authentication keys to the YubiKey (once stored, they cannot be retrieved). I've successfully logged into SSH servers and committed to GitHub using this technique -- it works perfectly. You will need GPG or similar installed to configure this. If you don't know what PIV smart cards are, you likely won't have a use for them, however you can configure Linux and Mac boxes to take advantage of this for logging in, as well as on Windows domains. I imagine this is more useful in large organizations. The downsides are not inconsiderable. You are essentially trusting a closed, proprietary device, but it has been proven time and again that "security through obscurity" doesn't work. If there's a critical bug in the design, you are stuck with it, as there is no way to upgrade the firmware. You cannot retrieve secret data from the YubiKey, but this means you can't make a backup or copy once it has been configured. You need to duplicate the key *during* configuration, or save a record of all the secret data. Keep that in mind. A final note is that the YubiKey has both USB and NFC connectivity. If your smartphone supports NFC, you can simply hold the YubiKey against it to authenticate. If you can't use NFC or don't want it, you can disable it with the YubiKey Manager. You can selectively disable USB and NFC for each app. NOTE: you can buy a cheap USB OTG adapter and still use your YubiKey with your smartphone, to an extent.

The Yubico YubiKey 5 NFC is an exceptional two-factor authentication device that provides an additional layer of security to protect your digital identity. This compact and versatile key has become an integral part of my online security strategy, and I am thoroughly impressed with its performance and reliability. The standout feature of the YubiKey 5 NFC is its ability to provide strong two-factor authentication. It combines something you have (the physical key) with something you know (your password) to verify your identity. This significantly enhances security by thwarting unauthorized access and protecting against phishing attacks or password breaches. The YubiKey 5 NFC offers a range of authentication methods, including one-time password (OTP), FIDO Universal 2nd Factor (U2F), and NFC. The NFC functionality allows for seamless and convenient authentication on NFC-enabled devices, such as smartphones or tablets. Simply tap the YubiKey to the device, and it securely verifies your identity, providing a frictionless experience. Setting up the YubiKey 5 NFC is straightforward. It is compatible with a wide range of platforms and services, including popular ones like Google, Facebook, Dropbox, and many more. The YubiKey works with major web browsers and operating systems, making it incredibly versatile and adaptable to your specific needs. The build quality of the YubiKey 5 NFC is exceptional. It is made of durable materials, ensuring longevity and reliability. The key is designed to withstand physical wear and tear, and it is water-resistant, making it suitable for various environments and conditions. The portability of the YubiKey 5 NFC is another advantage. Its compact size allows you to easily carry it on a keychain or in your pocket, ensuring that it is always accessible when needed. The absence of batteries or moving parts adds to its convenience, as there is no need for charging or maintenance. Yubico, the company behind the YubiKey, is known for its commitment to security and privacy. The YubiKey 5 NFC undergoes rigorous testing and encryption protocols to ensure the highest level of protection for your sensitive data. It provides peace of mind, knowing that your online accounts and digital assets are safeguarded against unauthorized access. In terms of value, the YubiKey 5 NFC is an excellent investment. Its robust security features, versatility, and compatibility with a wide range of services make it a worthwhile addition to your digital security arsenal. With the rising threat of cyberattacks and identity theft, the YubiKey provides a simple yet powerful solution to protect your online presence. In conclusion, I highly recommend the Yubico YubiKey 5 NFC to anyone seeking stronger security for their digital life. With its seamless authentication process, durable construction, and broad compatibility, it sets the standard for two-factor authentication devices. Invest in the YubiKey 5 NFC and take control of your online security, ensuring that your accounts and personal information remain secure.

I've been using an older version of the Yubico key for a while now. This version is a really good upgrade from the earlier editions -- mostly because of the included NFC capability. I strongly recommend buying two of these at a time if you can. They'll still work, but having a backup stored somewhere safely can really make things easier if you ever lose your original. It fits on a keychain and I've never had a problem with the older one that I've had for about 10 years. The only downside to these is that not every website or company implements this as an option for 2-factor identification. It's simply bizarre to me that I can use this on quite a few websites with the extremely noticeable exception of *every* *single* financial institution that I do business with. (I know there are some banks that do, though). Once you set it up, it's easy to do. The only complaints that I get from most people is that it's just a hassle to have to log-in and take the extra 5 (maybe 10) seconds to pull out the key to log into your account. This is a must if you use a password manager. If all you're using is single-factor on your Dashlane or LastPass or 1Password you need to consider the extra security by taking this extra step (for whatever password manager you use -- and you really *need* to be using a password manager, btw). You do need to make sure to read the instructions which can be a little technical, but Yubico has a great set of tutorials that make it fairly simple (plus there are a ton of instructional videos on YouTube that are helpful as well). Or just get your techie friend to help. You don't really need to use this for every single website, and there are a lot of websites that don't use it, but for the ones where you have any personal or financial information, it's becoming more and more of an almost necessity. Before you buy, make sure to read up a little on how they work and that will let you know which one will work better for you. Overall, these are a great way to provide a fairly significant increase in your online security. Realize, however that it won't guarantee that you won't be part of a breach, but you at least can feel better about someone being able to take over your important accounts by guessing your password or stealing your phone/computer/tablet. If someone steals both, then all bets are off. That's why you keep the Yubico key on your keychain and your computer somewhere else. I'd recommend these for people who have a need for extra security online. Also, remember that (so far and contrary to what you may hear or read anecdotally), there hasn't been a single case where this type of 2FA has been breached when it's been used correctly.

Does everything it's supposed to I was actually surprised about the slot thing it has its great for the price I believe it could be $10 less but it has all the functionality it claims. It's actually very small compared to the other one I bought which didn't do what it claimed. The USB and NFC work fine tho. My school does a pat down and a metal detector thing but I can walk straight through without the metal detector going off. And since it's design is so small it fits in my small right pocket that's on jeans. It's compatable with all devices even Kali Linux if you know how to install the app. To get the slots tho you need the app on computer. It supports FIDO2 otp hotp and all the other stuff with the yubikey app available on playstore apple store and there website for windows and Linux download.