Yubico – YubiKey 5C NFC – Two Factor Authentication USB and NFC Security Key, Fits USB-C Ports and Works with Supported NFC Mobile Devices – Protect Your Online Accounts with More Than a Password

eu ja uso um yubikey da Yubico, comprei esse de sobressalente

O produto muito bom. No site da Yubico podemos ver quais sites e apps possuem suporte nativo a hardware key e tambm sites que podemos usar como substituto ao Authy ou Google Authenticator.

O aplicativo Yubico Authenticator serve para isso, para substituir esses apps, e invs de armazenar os dados no aplicativo ou computador, armazena os cdigos direto na chave.

Super recomendo!

Gostei muito do desenho da chave ( durable) e praticidade. (Segurana)

I have found that you have to put this right on your phone’s NFC sensor to get it to work. Maybe this is a security feature? It makes using it just as hard as plugging it into your phone. I wish it had a bit stronger NFC signal.

Ich habe die Anschaffung des Yubikeys seit rund 2 Jahren immer vor mir hergeschoben. Fr den zweiten Faktor mussten Apps herhalten – und beim Wechsel des Smartphones ist es je nach App immer wieder ein Spa… Klar, es geht alles, aber es nervt.

Nun bin ich mit meinen rund 800 Credentials und Items frisch von 1Password zu Bitwarden gewechselt – und da dachte ich mir: sieh zu und kmmere Dich endlich um einen sicheren und komfortablen zweiten Faktor! Also habe ich mir – primr Macnutzer mit M1-CPU – den Yubikey 5C NFC gegnnt und erwartete das Schlimmste angesichts einiger der “hilfreichen” Rezensionen hier. Wie so oft stellten sich die Rezensionen, die so hilfreich waren, als das Gegenteil heraus.

Yubikey aus der Verpackung genommen, Seite des Herstellers mit den Startinfos aufgerufen (was ich mir htte sparen knnen – nicht weil die Infos schlecht sind, sondern weil es nicht wirklich etwas zu tun gibt – auer den gewnschten Dienst aufzusuchen, den man mit dem Key absichern will und dort den Anweisungen folgen). Also in Bitwarden den Yubikey als zustzliche Option fr den zweiten Faktor hinterlegt. Wie? Tja, wer Anleitungen sucht, macht schon den ersten Fehler: das ist nun wirklich selbsterklrend – der jeweilige Dienst, in meinem Fall Bitwarden, macht das schon. Und es luft wie verrckt und total simpel.

Und… um das l vom M1-Feuer zu nehmen: im Januar 2022 luft das ohne Abstrze und reibungslos. Es mag im Sommer 2021 anders gewesen sein, ich will das nicht in Abrede stellen. Stand heute jedenfalls: keine Probleme. Et luft!

Klare Empfehlung fr alle, die sich noch bzw. nur mit 2FA-Apps herumrgern: ein Yubikey ist im Vergleich dazu die fr meine Begriffe viel komfortablere Variante. Der Hersteller wirbt auf seiner Seite, man solle lieber direkt 2 Yubikeys beim jeweiligen Dienst hinterlegen, um im Falle des Verlusts (oder vom Hersteller logischerweise nicht erwhnt: Defekts) nicht vom jeweiligen Dienst ausgesperrt zu sein, aber ich bin zunchst mit einem Yubikey angefangen (und der vorhandenen 2FA-App als Alternative). Ich schliee aber nicht aus, dass das hier nicht der letzte Yubikey war. Wirklich eine feine Sache. Und auch nicht nur fr Nerds. Wer mit 2FA unterwegs ist, kommt mit dem Key klar.

Ein Wort noch zur Verarbeitung: sie macht einen hervorragenden Eindruck, der Key ist am Schlsselbund sehr dezent und berhaupt nicht klobig. Top!

Ich htte schon viel frher mit einem Yubikey starten sollen.

Yubikeys are really pretty great. They offer you a way to save time and typing while ensuring you are who you say you are as long as you’re the one using it of course. There are some that come with fingerprint readers too and after messing around with them, I wish that I would have bought those instead, however these still allow you to go passwordless if your authentication scheme support that (Microsoft). At the very least, they replace your phone as a method of verification when using 2fa.

It’s recommended to have at least 2 of them in case you lose one, which doesn’t seem all that hard to do considering its size. If you have a safe or safe deposit box, I’d recommend putting one or more in there just in case. If you have both, put one in each for added safety. You can store personal x509 certificates on them as well as other info the software for Windows seems easy enough but I use Linux and I can guarantee these work on Fedora 34 and 35, but am willing to bet they’ll work on most modern distributions. Yubico had written quite a few packages and there is tons of 3rd party apps and solitions that optionally employ them.

If you’re into safeguarding your data and identity you should get these keys. I have both NFC flavors so that I don’t need to carry adapters around with me. They work with my Note 20 Ultra 5G, my galaxy tab s7+ and my pc. Highly recommend them.

My only regret is that I wish I purchased 2 initially.

Everyone should know what these are, have them, and use them. For your own good!

Cette cl est compatible avec MacBook Pro et le iPhone.

This protects all of my social media and other accounts, that have 2FA support (but Microsoft login in laptop, as it is available by costly commercial 3rd party app, only). Some nuisance of different kind of implementations of this on each service (I would love to have AWS/Amazon implementation in all services).

I have phone security apps and strong passwords, and several years ago bought one of these Yubico keys to carry on my keychain. The most recent device setup that asked for it was a tablet that didn’t have the larger USB port and the old key didn’t have the NFC ability. Now the new one is in my pocket and the old one is the spare.

PERFETTA!
Con Yubikey Personalization Tool la fate diventare una password per accessi, quando la inserite e premete il pulsante scrive da sola una password complessa e introvabile

What I did like was ,what it could l do. 2steps down from military grade securety for the cost I was pleased w/ that. What I didnt like was honestly for the avatar pc/ android user your tech skills need to be high enough you could explain to someone or show someone a few lines of = #$(”code. And- them^understand”) it!. did you catch my wonderful humer?

I’m honestly still learning how to use it 100 % with my I always remover someone using a , which I s why it looked easy . Well that’s all I have to say I home this opinion of mine helped in any way….

I bought two of these, one for backup, and have been using them for a few weeks now on accounts that support it. So far it’s been very easy and simple to use. Only one time there was a problem and the website said I had a bad key, but I just reinserted the key and worked. I’m a security professional and so I know that these keys are very important security feature, but not that many websites allow it to be used. I end up going with an authenticator app (an open source one that does backups) on accounts that only allow digital tokens. But I’m very happy with the added peace of mind of having this, expecially on certain accounts like cloud services accounts where a hacker could potentially rack up huge bills for me if they got in. It’s nice to know I’m pretty much covered from that threat with using this. I may want to buy a third backup key at some point as best to haves backups in threes as a general principle. It did work with with NFC as well as on the laptop.

About this security key:
This is one of the latest Yubikeys to be launched. It is also the costliest one (in India). This is the enterprise grade security key with features such as fido, totp, hotp, smartcard, etc. It has NFC and usb-c interface for connection.

Why I bought this Yubikey:
Being in the IAM field it made sense to buy the enterprise grade security key. I have an iPhone so NFC helps there. And I chose usb-c because most of the modern laptops have atleast one usb-c port. The Yubikey 5 NFC has a usb-a port and is only a few hundred rupees cheaper, so it makes sense to buy this one (Yubikey 5c NFC). I can also connect it to android phones having usb-c port. Sometimes, the seller drops the price from 7,800 to around 6,800. That’s usually when you should buy this Yubikey. Plus if there’s any card discount going on, it will be even cheaper for you. However, Yubikeys in india are very costly. You can get TWO Yubikey 5c NFC for 110$ in the US, which is roughly the cost of one key in India.

Is this Yubikey for you?
If you only want to secure your digital accounts like fb, gmail, instagram, etc. go for the consumer grade Yubikey (the blue one). You’ll get it for around 4k rupees. If you want to do more, and use a key for windows login, smartcard based login, buying Yubikey 5/5C NFC makes more sense.

Questo il modello al vertice della gamma Yubico, il pi completo ed il pi prestante. Se avete necessit di autenticazione di livello aziendale, il prodotto giusto per voi. Semplicissimo da configurare e da usare. Riconosciuto da praticamente tutti gli operatori (Facebook Twitter, Google, Yahoo, etc.). Utilizzabile anche per il login locale ai PC (Windows, MacOS e Linux). Comodissimo da portare con s. Dispone anche di funzionalit OTP aggiuntive che lo mettono in competizione con programmi come Google Authenticator e Twilio Authy. Consigliatissimo.

I think some of the 1 and 2 star reviewers need to take more time to understand exactly what it is they’re buying.

Firstly, it’s a MULTI-FACTOR device, it’s not supposed to replace passwords (yet), hence the term MULTI-FACTOR, there are MULTIPLE FACTORS to your login procedure, the first one being your username and password, the second being this key.

Secondly, it doesn’t type out your password on screen, it types a cryptographically-calculated string which changes each time and is specific to the hardware key itself. The interaction of touching the device is in place to work with your chosen software when it prompts for a U2F device, where you need to press the key to activate it. This is to stop automated log ins when the key is connected, it requires a human to physically activate it. Pressing the key at any other time will output a meaningless code onto your computer, which means nothing to unconfigured software, so this is not a security risk.

Thirdly, not all services support hardware keys yet. New hardware and software takes a VERY long time to be supported by all platforms and always starts with the biggest (Google, Microsoft, Amazon, Facebook, etc). You should check that the services you want to use this for actually support hardware keys.

Lastly, this is supposed to be small. If you’re complaining about it’s size when there are other options available like the standard Yubikey 5 or Yubikey 5C, then that’s your problem not the product’s. This is supposed to be a static key that can be removed if necessary, such as for a personal laptop, and should be used in conjunction with another 2FA method as a fallback e.g. mobile authenticator app.

This is a great product that does the job it’s designed for. It’s working well with Yubico Windows login software and a number of online accounts.

Der Yubikey ist ein solides, kleines Stck Hardware, und sicherlich das bekannteste seiner Art.
Dazu untersttzt er so ziemlich jedes bekannte Sicherheisprotokoll, und drfte von allen greren Firmen untersttzt werden.

Trotzdem fehlt noch EINIGES, um diesem Teil den breiten Durchbruch zu verschaffen – aus KUNDENsicht.

Denn: die Installation/ Einrichtung muss man sich auf der Internetseite auf englisch durchlesen, und die ist fr jede Anwendung / jede Anmeldung, die abgesichert werden soll, ein wenig anders durchzufhren. Bin recht versiert/erfahren, was IT angeht, und bekomme das hin. Aber fr Leute ohne Englischkenntnisse, oder die nicht tglich mit PC-Problemen konfrontiert sind, drfte das eine hohe Hrde darstellen.

Ich nutze es zB zur Absicherung meines Google-Accounts und meines Bitlocker-Tresors.

Es wird am PC und an Mobiltelefonen beim Einstecken als Tastatur erkannt und bermittelt so eine sehr lange Zeichenfolge an das Gert. Simples, aber gutes und sicheres Prinzip.

Der Key macht genau was er soll und ich bin absolut zufriden.

Einen Stern abzug gibt es, weil es fr TOTPs die auf dem Key gespeichert werden nur 32 Slots gibt. Leider ist dies deutlich zu wenig.

Excellente solution pour scuriser l’accs ses applications SaaS. Facile d’utilisation, se fixe facilement au porte-cl, rsistante

So ill start this by saying the yubikey is fine and super easy to set up and works exactly as intended.

The issue i have and something iPhone users should be aware of is the usual Apple restricting certain access which can mess up your workflow

I got this mainly to increase the security on of my password manager vault. The set up of that was easy and works perfectly on mac and pc with my browser.

For iOS i want to use autofill but have it periodically require yubikey auth. This is a feature that is restricted in iOS the password manager works perfectly with yubikey but autofill doesnt work. The work arounds are all a ballache so i have set it to just lock and require master password.

This obviously makes the yubikey a bit pointless for my use case

As i say the product is perfectly good but wanted to let others know of a feature that isnt currently workable

I purchased one of these to test out increasing the security for all of my online accounts. After checking out many Youtube videos and writeups, Yubikey seemed like as good a product as many and slightly better as they were one of the leaders in creating this technology. I would say that is fairly easy to set up if you have a little computer skill although not so simple that you could give it to someone as a gift and expect them to thank you 😉
The software that you need to enable using it (a bit like the google authenticator app) works well and better than the app because it auto copies the generated code to your clipboard so you can paste it without mucking about. However the separate software needed for altering the settings on the Yubikey is quite old and feels neglected. One big caveat as mentioned in the title, once you have locked up your data using this key, if it ever gets lost, destroyed or stolen, you will be locked out for good! (If you have done it properly 🙂 so always get a second key and once they are cloned, store that in a secure place physically distant from the main one. That way if the unexpected happens, you can get your life back on track.

I am from an IT background and struggled on certain aspects in setting the key on my mobile. I don’t see anywhere mentioned at the time I purchased on their website on how to configure the key with the 2 factor authentication app “yubico authenticator” on android phone. Well there are instructions on how to install. So if you plan to add a 2 factor for any website, the first thing you need to do is to scan the QR code first on the app and not to scan the yubikey as it states in the app screen. Once you have scanned the QR code, it will prompt you to scan the yubikey. Once the yubikey is scanned, the account is set. Every time you need a code, just open the app and scan the yubikey to your phone’s NFC. Sometime it will throw the communication failure error where you have to try scanning again. I did not have issues anywhere else in setting the key.

For a non-technical user, it’s hard to know even how to explain all the things this Yubikey does.
You can use it for smart card authentication, additional website authentication (2FA), store PGP keys, even use SSH keys with some experimentation.

The setup is fairly complicated, even for a technical user who understands encryption.

Once you’ve installed the software, as long as you’re comfortable with command-line tools and GnuPG, and you’re inquisitive, it’s interesting to explore how to use this device. But you have to follow the instructions carefully, and probably make mistakes too before you get the hang of it.

If this sounds intimidating or just incomprehensible, this device is possibly not for you.

The black Yubikey 5 provides a lot of extra features over the basic blue one which only a minority of people would need or use.
I’m using it to store GPG keys, as a FIDO2 authenticator and to secure LastPass.
I love tinkering with it; it appeals to my nerd brain. And anyone who works with and understands the acronyms thrown around in technical descriptions of the Yubikey will find it useful.

For someone less technically-minded who wants an authentication tool, it might be better to consider the cheaper blue Yubikey instead, or just stick with authentication apps from Google, Microsoft and Authy that produce a six-digit code.

Keeping passwords safe, online service 2FA, SSH, PGP (GPG), keycard and more;, use this to add another layer of protection to your online life and significantly reduce the chance of becoming a victim.

The contemporary internet environment is hostile. Faceless criminals and malign actors seek to access and control our information for their own purposes, and seem to have access to incredibly intelligent people who assist them in their seemingly wicked ways. This activity looks to be rising commensurate to the pace that we un-wittingly intertwine our lives with technology, trading security for convenience, often in the misguided belief that service providers will provide us with sufficient protection.

You are likely to know someone who has been a victim of some kind of remote or local attack and if like me you would like to reduce the chance of becoming a victim, the price of two yubikeys is a small price for the peace of mind that they provide.

Configuration can be a bit tricky for the more IT illiterate of us, but well worth investing the time and effort to read-up on the matter. Yubikey could do more to provide easy to use documentation and guidance to assist those who otherwise would not take the time to learn to configure the keys correctly.

Highly recommended even if it comes with a learning curve.