Touch protection · Yubikey Handbook (2024)

FAQs

Why is my YubiKey touch not working? ›

Check to see if the YubiKey's LED is lit - if not, the YubiKey may not be receiving power. The issue may be as simple as the YubiKey is inserted upside down for USB-A connectors. Alternatively, the USB port may not be functioning correctly - if that is the case, try on a different USB port or computer.

The Yubikey 4 introduces a new touch feature¹that enables a second layer of protection when using a private key stored on the device. The access will be conditioned by a user physically triggering the touch sensor, which detracts malware issuing command on the Yubikey without user knowledge.

Connect your YubiKey to your computer. Open the YubiKey Manager and select the YubiKey you want to modify. In the 'Applications' section, select the OTP application and click the 'Edit' button. In the 'General' tab, uncheck the 'Enabled' checkbox and click 'Save'.

Other 2FA methods typically only send you a six-digit code to confirm your identity, mostly because it would be unreasonable to expect humans to type much more than that. YubiKeys don't require you to manually enter a code, so they're free to use much longer codes. That's more secure.

A Yubikey will essentially last forever, and if you stay clear of the insanity that is Passkeys its Webauthn element can support an infinite number of websites.

Sometimes, a touch screen will stop responding due to built-up dirt and grime or problems with the case or screen protector. Since this is pretty easy to either deal with or rule out, it's a good idea to thoroughly clean your device if a reboot doesn't do the trick.

Do I need to keep my yubikey plugged in all the time? A. No, you only need to insert your yubikey when you are prompted to do so during login. Leaving it plugged in could result in the yubikey being lost or damaged.

The YubiKey identifies as a USB keyboard to your PC, and does not need to be ejected when removed – you can just pull it out!

How do I turn off touch key? ›

So, what happens if you lose your YubiKey? In that case, you can still use your Authenticator app (phew!). While you can't create a backup YubiKey, you can always contact Yubico to get a replacement key.

The theft scenario is indeed disturbing because if the thief learns your PIN and then steals the Yubikey, you're facing severe problems: the thief can easily check all your passkeys, get access to your accounts, remove all the passkeys and register only the stolen Yubikey, change the password, remove any other 2FA ...

The YubiKey 5 FIPS certified security keys meet the highest level of assurance (AAL3) of the new NIST SP800-63B guidelines.

Unplug the YubiKey once and then plug it back in via the USB port. Touch the YubiKey on the sensor (golden area) twice within 10 seconds to confirm the reset. The YubiKey has been successfully reset. Afterwards, if necessary, you can set a new PIN again using the Security Key PIN function.

The versatile YubiKey requires no software installation or battery so just plug it into a USB port and touch the button, or tap-n-go using NFC for secure authentication.

Option 2 - Reset Using the YubiHSM SDK

Insert the YubiKey into a USB port. Open Command Prompt (Windows) or Terminal (Mac / Linux). Type yubihsm-auth --action reset and press Enter.