Pricing  Get Quote
 
 
Blog

What is YubiKey and how does it work?

Written by Andrew PrasannaMFA2 min read

On this page
  • YubiKey explained
  • How to use a YubiKey
  • How does YubiKey work?
  • How is YubiKey more secure?
  • Benefits of using YubiKey
  • Why use YubiKey with ManageEngine ADSelfService Plus?
  • People also ask

YubiKey explained

YubiKey is a hardware 2FA device that plugs into your computer to authenticate your identity and secure access to your applications. Think of it as house key, but for your applications. You can simply plug a YubiKey into your computer and press a button on the key whenever you're prompted to authenticate. This small device, resembling a flash drive, will grant access to your configured applications without the need for you to enter a code manually, ensuring safe and convenient access.

How to use a YubiKey

A YubiKey can be used for your desktop, laptop, tablet, or smartphone. After configuring your YubiKey, you can plug the key into your device. When you're on an authentication page, you simply need to press the button on the key to authenticate. For devices with near-field communication (NFC), you'll need to bring the key closer to the device to authenticate.

How does YubiKey work?

YubiKey works similar to other 2FA methods using a one-time password (OTP) but removes the hassle of the user entering the OTP manually.

YubiKey works in three steps:

  • The user initiates the authentication process by pressing the button or bringing it close to an NFC device.
  • The YubiKey sends an OTP based on its unique identity and secret keys to fill in the input field automatically.
  • The application verifies the authenticity using the secret keys from the server's database and YubiKey's public key and grants access to the user.

How is YubiKey more secure?

Phishing-resistant: With well-established cryptographic algorithms, YubiKey can recognize if the website you're trying to access is legitimate and refuse to authenticate if not. With YubiKey, an attacker cannot deceive you into revealing your credentials.

No interception: YubiKey helps you access applications without sending an OTP to another device. The process happens without the password leaving your device entirely. This frees you from an attacker possibly intercepting your credentials.

Physical possession: Even with the password, the attacker will still need your physical key to gain access. Holding the key gives you the physical assurance that only you possess access to your applications.

Benefits of using YubiKey

Passwordless logins: YubiKey simplifies logins and frees you from password fatigue. Relying on the physical key can also prevent password-related breaches.

Convenient access: A simple button press will grant access to all your applications. Unlike other 2FA methods, you don't need to check another device, wait for the OTP, and then enter it manually. The key does it all.

Compatibility: YubiKey works with many protocols like FIDO2, smart card, and OAuth. It supports a wide range of applications, including major services like Google, Microsoft, and Facebook.

Why use YubiKey with ManageEngine ADSelfService Plus?

ADSelfService Plus is an identity security solution with adaptive MFA that supports a wide range of authenticators, including YubiKey. By configuring YubiKey, you can seamlessly log in to Windows, MacOS, or Linux, access a wide range of enterprise applications through single sign-on (SSO), and perform self-service password reset and account unlocks.

Passwordless and FIDO passkey login with ADSelfService Plus

People also ask

How does YubiKey authentication work?

YubiKey authentication works by verifying the secret keys from the server's database and YubiKey's public key. If this is successful, YubiKey will grant the user access to the application or service.

Where is YubiKey used?

YubiKey can be used on desktops and laptops by plugging it into a USB port. For phones and tablets, it can be plugged into USB-C or lightning ports. For NFC-enables devices, the YubiKey can be brought close to the device.

What type of security is YubiKey?

YubiKey uses harware-based authentication and performs cryptographic operations internally. It generates an OTP similar to other 2FA methods, but the password doesn't leave the key.

How do I authenticate with YubiKey?

When you are prompted with a login screen, plug in the YubiKey and press the button on the key to authenticate. The key will automatically fill in your credentials and grant you access to your applications.

 

ADSelfService Plus trusted by

Embark on a journey towards identity security and Zero Trust
Email Download Link