-
Follow this tutorial to set up your YubiKey and add compatible services
Home » Setup » Get started with YubiKey 5 Series
A few tips before you get started
Have your key ready
Have your key(s) ready to plug into your computer, preferably the same way you will plug it in later when you authenticate: i.e., either with or without an adapter.
Prepare trusted device
A trusted device is one that is not public and has an up to date operating system with the latest security patches installed. Have a computer running either Windows 10 (1903 or later) or any of the following with the Chrome browser 90 or later: macOS (Catalina or later), Chrome OS 90 or later, Ubuntu 18.04 or later.
Do you have a spare key?
Yubico always recommends adding two keys to each of your online services and accounts; one primary and one secondary as backup in case the primary is lost.Read more about backup (spare) YubiKeys here.
*Reminder: Not all services are compatible with all series. If your backup is from a different series, be sure to use the setup flow specific to your spare key for best results.
Many services suggest or require the use of a PIN. It is recommended that youset up a PIN before you add services to your YubiKey. The best way to do this is to useYubiKey Manager.
Compatible accounts and services
The YubiKey 5 Series supports most modern and legacy authentication standards. To find compatible accounts and services, use the Works with YubiKey tool below.
Each YubiKey must be registered individually. For each service you set up,have your spare YubiKey ready and add it right after the first onebefore moving to the next.
The YubiKey setup process is determined by the service provider, sosetup instructions will vary slightly from service to service. In some cases, a service will require the use of Yubico Authenticator. If so, the tool below will prompt you.
Helpful tools
YubiKeys are configured and ready to go out of the box. For additional customizations such as PIN setup, NFC and USB configuration, PIV setup and more, use the tools below.
YubiKey Manager
Use the YubiKey Manager to configure FIDO2, OTP and PIV functionality on your YubiKey on Windows, macOS, and Linux operating systems. You can also use the YubiKey Manager to configure particular settings on your YubiKey, like setting up a PIN.
Learn more
Personalization Tool
Use the YubiKey Personalization Tool to perform batch programming of a large number of YubiKeys, check firmware, and to configure advanced settings such as slot configuration and fast triggering to prevent accidental triggering of nano-sized YubiKeys.
Learn more
Yubico Authenticator
Some services require an authenticator app. Use the Yubico Authenticator app to securely store your credentials on a YubiKey opposed to your mobile phone, so that your secrets cannot be compromised.
Learn more
Advanced use cases
Computer login tools
Use your YubiKey to secure your computer or laptop. Make it a requirement to have your YubiKey before being able to log into your Windows or Mac machine.
Learn more
Developer Resources
Interested in integrating YubiKeys with your software? Check out the different developer resources we offer!
Learn more
Frequently asked questions
2FA is a method to confirm a user’s claimed online identity by using a combination of two different types of factors. Factors used for 2FA include something that you know (e.g. password or PIN), or something that you have (e.g. a security key or phone) or something that you are (e.g. facial recognition). For more detailed information, please visit our2FA glossary page.
The YubiKey works as an extra layer of security to your online accounts. When logging into an account with a YubiKey registered, the user must have the account login credentials (username+password), and the YubiKey registered to the account. This physical layer of protection prevents many account takeovers that can be done virtually. Thus the YubiKey is a form of 2FA (two-factor authentication).
A single YubiKey has multiple functions for securing your login to email, online services, apps, computers, and even physical spaces. Use any YubiKey feature, or use them all. The versatile YubiKey requires no software installation or battery and therefore it is ready to use directly out of the package. Just login to the service you want to add that extra protection to and set the Key up.
We at Yubico always recommend you to secure your account with an additional YubiKey, please see the section above named “Is it important to have a Spare Key?”. This additional YubiKey can be used as a spare key in case your primary YubiKey is misplaced or stolen. If you do not have an additional YubiKey added, it is recommended to have another form of 2FA added to your accounts. Please note, if you do end up being locked out of your account, you will need to contact the service for help with account recovery.
Yes, we at Yubico always recommend having more than one YubiKey. This way one key can be used as a primary Key, and the other can be used as aSpare Key. The importance of having a spare Key is well established. We have them for our most valuable assets in life – our houses, our cars, our PO and safety deposit boxes, etc. Not surprisingly, we also need spare keys for our digital devices! Having a spare key gives you the assurance that if you lose your primary key, you will not be without access to critical accounts when needing them most. In other words, with a spare Key you have no need to fear being locked out of any accounts, and no need to go through a lengthy recovery and identity verification process to regain access to each account.
Check out ourhelpdesk centerwhere there are tons of knowledge base articles to help arm you with the necessary info to better your online security.
FAQs
How to use a YubiKey for the first time? ›
- Plug in your YubiKey.
- Go to Yubico.com/setup and click your device.
- In the Compatible accounts and services section, browse the list of supported apps and services, and select the ones you want to secure with your device.
- Your selection will appear in a list next to the available apps.
The Yubico YubiKey 5C NFC supports many authentication protocols, so it works anywhere security keys are accepted. If you can make the most of its advanced features, such as signing and encrypting with OpenPGP, it's well worth the price.
How many keys can you have on YubiKey 5? ›OpenPGP - the YubiKey 5's OpenPGP application can hold up to 3 subkeys (signature, encryption, authentication) linked to a single OpenPGP identity.
What is the lifespan of a YubiKey? ›A Yubikey will essentially last forever, and if you stay clear of the insanity that is Passkeys its Webauthn element can support an infinite number of websites.
Do you leave YubiKey plugged in? ›Do I need to keep my yubikey plugged in all the time? A. No, you only need to insert your yubikey when you are prompted to do so during login. Leaving it plugged in could result in the yubikey being lost or damaged.
Do I still need a password with YubiKey? ›YubiKeys make passwordless possible
Passwordless can be achieved using legacy Smart Card protocols, or modern FIDO2 / Passkey authentication secured by PIN or biometric identification. The multi-protocol YubiKey offers total flexibility, and can store up to 100 passkey credentials.
The Security Key Series differs from a YubiKey 5 Series in that it comes only with the FIDO (FIDO2/FIDO U2F) protocol and the non-Enterprise Edition does not have a serial number.
How many passwords does YubiKey hold? ›A YubiKey 5 Series with firmware 5.7+ can hold up to 100 discoverable credentials (AKA hardware-bound passkeys). Other YubiKey models and configurations might only store up to 32 passkeys.
Why is YubiKey so expensive? ›It is costly to design, mould, manufacture, sell and support a hardware product, even something as small as this. Since you don't want your 2FA company to go out of business there is good value in knowing they have a stable business model that can actually support a company rather than just burning capital.
What if someone steals my YubiKey? ›If you lose your Yubikey, you can still use your phone authenticator app, but you cannot create a backup Yubikey. However, Yubikey also provides methods to recover your account, so you can get a replacement. An advantage to Yubikey is that it comes on a USB that cannot be identified.
How long does a YubiKey code last? ›
However, considering a YubiKey being used five times a day, 365 days per year, it will take 18 years for the counter to get stuck. Furthermore, as this counter only increment the first time after power up / reset, the practical lifetime is even longer.
Can two people use the same YubiKey? ›With WebAuthn, you can use the same YubiKey for unlimited sites and accounts. Just make sure to keep your YubiKey in a safe place and don't share it with anyone else.
Which YubiKey is most secure? ›The YubiKey 5 FIPS certified security keys meet the highest level of assurance (AAL3) of the new NIST SP800-63B guidelines.
Do YubiKeys wear out? ›YubiKeys are designed to withstand much more than daily wear and tear, offering greater protection compared to smartphones. They're resistant to water and crushing, and they have no moving parts or battery to short-circuit.
Does YubiKey run out of battery? ›The versatile YubiKey requires no software installation or battery so just plug it into a USB port and touch the button, or tap-n-go using NFC for secure authentication.
How do I activate my YubiKey security key? ›Find the account settings of the service and then look for security. From there you should be able to find an option for 2FA/MFA, or adding security keys. Once you've found the option to add a Security Key, go ahead and follow the instructions given by the service provider.
How do I use my YubiKey for personal use? ›On a computer, insert the YubiKey into a USB-port and touch the YubiKey to verify you are human and not a remote hacker.
How do I know if my YubiKey is working? ›- Insert the YubiKey into the computer.
- Click the Yubico OTP button. The following screen, "Test your YubiKey with Yubico OTP" shows the cursor blinking in the Yubico OTP field.
- Tap the metal button or contact on the YubiKey. The OTP appears in the Yubico OTP field. ...
- Click Validate.
You can simply insert the key into the port on your device, press the button on the hardware, and you should be granted access if you are an authorized user of the account or device. With an NFC-enabled device, you can tap the YubiKey against the phone to complete authentication.