YubiKey facts for kids
| Private | |
| Industry | Hardware |
| Founded | 2007 |
| Headquarters | Palo Alto, California, United States |
|
Key people
|
Stina Ehrensvärd (CEO and founder) Jakob Ehrensvärd (CTO) |
The YubiKey is a small device that helps you log into your computer, networks, and online accounts safely. It's made by a company called Yubico. Think of it like a special key that protects your digital stuff.
YubiKeys use different ways to keep your accounts secure. They can create special one-time passwords (OTP) or use a clever system called public-key cryptography. They also work with modern security rules like Universal 2nd Factor (U2F) and FIDO2. These rules were created by a group called the FIDO Alliance.
This device helps you log in by making a unique password each time or by using a secret code it creates. YubiKeys can even store regular passwords for websites that don't use these advanced security methods. Big companies like Google, Amazon, Microsoft, Twitter, and Facebook use YubiKeys to keep their employees' and customers' accounts safe. Some apps that manage your passwords also work with YubiKeys.
Yubico also makes a simpler, cheaper device called the Security Key. It mostly uses the FIDO2/WebAuthn and FIDO/U2F security rules.
YubiKeys use special codes like HOTP and TOTP to create one-time passwords. The device acts like a keyboard and sends these passwords through a USB port. A YubiKey can also work like a special card for OpenPGP to sign or encrypt messages. This means your secret keys stay safe inside the device. It can also act like a smart card for other security uses, like signing computer code or logging into certain networks.
Yubico was started in 2007 by its CEO, Stina Ehrensvärd. It's a private company with offices in places like Palo Alto, Seattle, and Stockholm. Jakob Ehrensvärd, who is Yubico's CTO, helped create the original security rules that became known as Universal 2nd Factor (U2F). In 2018, YubiKey released its YubiKey 5 series, which added support for the newer FIDO2 security standard.
Contents
How YubiKey Started
Yubico started in 2007. They offered a test version for developers in November of that year. The first YubiKey was shown in April 2008. A stronger version, the YubiKey II, came out in 2009. The name "YubiKey" comes from "your ubiquitous key." "Yubi" also means "finger" in Japanese.
The YubiKey II and newer models have two "slots." These slots can store two different settings. You use the first slot by pressing the button quickly. You use the second slot by holding the button for 2 to 5 seconds.
In 2010, Yubico introduced the YubiKey OATH and YubiKey RFID models. The YubiKey OATH could make shorter 6- or 8-character passwords. The YubiKey RFID model also had a special chip for radio-frequency identification (RFID).
In February 2012, Yubico launched the YubiKey Nano. This was a tiny version that fit almost completely into a USB port. It only showed a small touch area for the button. Many YubiKey models now come in both standard and "nano" sizes.
Also in 2012, the YubiKey Neo came out. This model used near-field communication (NFC) technology. NFC lets devices talk to each other when they are close. The Neo could send one-time passwords to NFC readers. It could also work as a smart card.
In 2014, the YubiKey Neo got an update to support FIDO Universal 2nd Factor (U2F). Later that year, Yubico released the FIDO U2F Security Key. This key only had U2F support. It did not have other features like one-time passwords or NFC. Because it was simpler, it cost less.
In April 2015, the YubiKey Edge was launched. It came in standard and nano sizes. This key handled one-time passwords and U2F. But it did not have smart card or NFC features.
The YubiKey 4 family came out in November 2015. These keys worked with USB-A ports. The YubiKey 4 had most of the YubiKey Neo's features. It could use larger OpenPGP keys. However, it did not have NFC.
At CES 2017, Yubico announced a YubiKey 4 version for USB-C ports. The YubiKey 4C was released in February 2017. On Android phones, only the one-time password feature works with USB-C. A 4C Nano version was available in September 2017.
In April 2018, the Security Key by Yubico was released. This was their first device to use the new FIDO2 security rules. It was blue and had a key icon. It also had a small "2" etched on it. This key was less expensive because it focused on FIDO2 and U2F. It did not have the one-time password or smart card features.
YubiKey Features
Here is a list of the main features and abilities of different YubiKey products.
| Model |
|---|
| Years sold |
| OATH OTP |
| Secure static passwords |
| Yubico OTP |
| OATH: HOTP (event) |
| OATH: TOTP (time) |
| Smart card (PIV-compatible) |
| OpenPGP |
| FIDO U2F |
| FIDO2 |
| General-purpose HSM |
| FIPS 140-2 |
| NFC |
| USB-A |
| USB-C |
| Lightning |
| YubiKey VIP | YubiKey Plus | YubiKey Nano | YubiKey NEO-n | YubiKey 4 Nano | YubiKey Edge-n | YubiKey Standard | YubiHSM 1 | FIDO U2F Security Key | Security Key by Yubico | YubiKey NEO | YubiKey 4C Nano | YubiKey 4C | YubiKey 4 Nano | YubiKey 4 | YubiKey C Nano FIPS | YubiKey C FIPS | YubiKey Nano FIPS | YubiKey FIPS | YubiHSM 2 | Security Key NFC by Yubico | YubiKey 5C Nano | YubiKey 5C | YubiKey 5 Nano | YubiKey 5 NFC | YubiKey 5Ci | YubiKey 5C NFC |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2011–2017 | 2014–2015 | 2012–2016 | 2014–2016 | 2016–2017 | 2015–2016 | 2014–2016 | 2015–2017 | 2013–2018 | 2018–2020 | 2012–2018 | 2017–2018 | 2017–2018 | 2015–2018 | 2015–2018 | 2018–present | 2018–present | 2018–present | 2018–present | 2017–present | 2019–present | 2018–present | 2018–present | 2018–present | 2018–present | 2019–present | 2020–present |
| Yes | Yes | |||||||||||||||||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||||||||||
| Yes | Yes | |||||||||||||||||||||||||
| Yes | Yes | Yes | Yes | |||||||||||||||||||||||
| Yes | Yes | Yes | Yes | |||||||||||||||||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | ||||||||
| Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |||||||||||||||||||
| Yes |
ModHex: A Special Alphabet
When YubiKeys create one-time passwords or use stored passwords, they use a special alphabet. This alphabet is called ModHex. It's designed to work the same way no matter what kind of keyboard settings your computer has. ModHex uses 16 characters: "cbdefghijklnrtuv". These stand for the numbers "0123456789abcdef" in a special code.
YubiKeys use basic keyboard signals. This can cause problems if your computer uses a different keyboard layout, like Dvorak. ModHex was created to avoid these problems. It only uses characters that are in the same spot on most keyboards. This way, it can still use 16 different characters, just like regular numbers and letters. You can also temporarily switch your computer to a standard keyboard layout to use the YubiKey. Newer YubiKey Neo devices can be set up to work with different keyboard layouts.
This ModHex issue only happens when the YubiKey acts like a keyboard. When it uses U2F security, it sends direct computer messages instead of keyboard signals. When it acts like a smart card reader, it uses a different method entirely.
Keeping YubiKeys Secure
Yubico works hard to make sure its devices are safe. Most of the code inside a YubiKey is kept secret. This means you have to trust that the company has made it secure. Some people in the computer world prefer to see all the code. This is because more eyes on the code can help find and fix problems faster.
In 2017, experts found a problem in some YubiKey 4 devices. This problem could make it easier for someone to guess secret keys. Yubico fixed this issue in new devices. They also offered free replacements for affected keys.
In 2018, Yubico found a small problem with password protection on some YubiKey NEO devices. This problem was also fixed with a software update. Yubico offered free replacements for these keys too.
In 2019, Yubico reported a problem with some FIPS-certified devices. These devices had less random numbers right after they were turned on. This could make some secret keys easier to guess. This problem only affected certain FIPS models. Yubico offered free replacements for these affected keys.
Yubico's Community Work
In 2018, Yubico gave away free YubiKeys to new subscribers of WIRED and ArsTechnica magazines. These keys had special logos on them.
Yubico also gave 500 YubiKeys to people protesting in Hong Kong in 2019–2020. The company said they did this to help protect internet users who are at risk. They also wanted to support people who believe in free speech.
More to Learn
- FIDO Alliance
- Nitrokey
- OpenPGP card
