YubiKey is a hardware 2FA device that plugs into your computer to authenticate your identity and secure access to your applications. Think of it as house key, but for your applications. You can simply plug a YubiKey into your computer and press a button on the key whenever you're prompted to authenticate. This small device, resembling a flash drive, will grant access to your configured applications without the need for you to enter a code manually, ensuring safe and convenient access.
A YubiKey can be used for your desktop, laptop, tablet, or smartphone. After configuring your YubiKey, you can plug the key into your device. When you're on an authentication page, you simply need to press the button on the key to authenticate. For devices with near-field communication (NFC), you'll need to bring the key closer to the device to authenticate.
YubiKey works similar to other 2FA methods using a one-time password (OTP) but removes the hassle of the user entering the OTP manually.
YubiKey works in three steps:
Phishing-resistant: With well-established cryptographic algorithms, YubiKey can recognize if the website you're trying to access is legitimate and refuse to authenticate if not. With YubiKey, an attacker cannot deceive you into revealing your credentials.
No interception: YubiKey helps you access applications without sending an OTP to another device. The process happens without the password leaving your device entirely. This frees you from an attacker possibly intercepting your credentials.
Physical possession: Even with the password, the attacker will still need your physical key to gain access. Holding the key gives you the physical assurance that only you possess access to your applications.
Passwordless logins: YubiKey simplifies logins and frees you from password fatigue. Relying on the physical key can also prevent password-related breaches.
Convenient access: A simple button press will grant access to all your applications. Unlike other 2FA methods, you don't need to check another device, wait for the OTP, and then enter it manually. The key does it all.
Compatibility: YubiKey works with many protocols like FIDO2, smart card, and OAuth. It supports a wide range of applications, including major services like Google, Microsoft, and Facebook.
ADSelfService Plus is an identity security solution with adaptive MFA that supports a wide range of authenticators, including YubiKey. By configuring YubiKey, you can seamlessly log in to Windows, MacOS, or Linux, access a wide range of enterprise applications through single sign-on (SSO), and perform self-service password reset and account unlocks.
YubiKey authentication works by verifying the secret keys from the server's database and YubiKey's public key. If this is successful, YubiKey will grant the user access to the application or service.
YubiKey can be used on desktops and laptops by plugging it into a USB port. For phones and tablets, it can be plugged into USB-C or lightning ports. For NFC-enables devices, the YubiKey can be brought close to the device.
YubiKey uses harware-based authentication and performs cryptographic operations internally. It generates an OTP similar to other 2FA methods, but the password doesn't leave the key.
When you are prompted with a login screen, plug in the YubiKey and press the button on the key to authenticate. The key will automatically fill in your credentials and grant you access to your applications.
