The Yubikey is an authentication device built by the Swedish vendor Yubico. The Yubikey is an OTP token that has no display to display the one time password. The Yubikey is rather plugged into the USB port where it is detected as a normal HID device (a keyboard). Pressing a button on the Yubikey sends the one time password just like keypresses to the computer.

The Yubikey is availble in several different versions. It is available with NFC interface or integrated RFID chip. The Yubikey works with its own AES based OTP mechanism or with the standard HOTP algorithm. The Yubikey also provides an HOTP challenge response mode and it can emit a static pasword.

The Yubikey is very attractive in our customer projects. Two main advantages are that the token does not need any battery and thus could work till the retirement pension of the users. From a security point of view it is important that the Yubikey can be initialized at the USB port. Thus neither Yubico nor the distributor – only you – knowing the secret seed. As the OTP value does not be read from a display it can also be used by blind users.

We use the Yubikey in our customer projects with the authentication backend privacyIDEA that can initialize the Yubikey in all available authentication modes.

The vendors website…