It’s a hardware authentication key. Kinda like a USB flash drive.
You know how some services offer multifactor authentication (MFA), also referred to as two factor authentication (2FA)?
There are typically two types offered: time-based one-time passwords (TOTPs) where you have 30-60 seconds to type in a 6-digit code, and SMS-based where they text you a 4-6 digit code (that also expires within a set time frame).
With a Yubikey, you gotta plug in the Yubikey into your computer or phone. Or, there are some models that use near field communication (NFC) and you just need to bring it near the device you’re tryna authenticate.
So rather than typing in those codes you get either from SMS or your authenticator app, you use the Yubikey as your authentication method.
Oh nice ! Thanks for the explanation. Is this type of authentication supported by many apps and services ? Can it completely replace an authenticator app on a phone ?
For services that support fido2 keys, Yes 100% it replaces TOTP apps. Most services do not support fido2 keys. Just services that are very security conscience. Google, Microsoft, GitHub, cloudflare, AWS, azure, anything with a high technical risk surface will support fido2 keys.
It’s a hardware authentication key. Kinda like a USB flash drive.
You know how some services offer multifactor authentication (MFA), also referred to as two factor authentication (2FA)?
There are typically two types offered: time-based one-time passwords (TOTPs) where you have 30-60 seconds to type in a 6-digit code, and SMS-based where they text you a 4-6 digit code (that also expires within a set time frame).
With a Yubikey, you gotta plug in the Yubikey into your computer or phone. Or, there are some models that use near field communication (NFC) and you just need to bring it near the device you’re tryna authenticate.
So rather than typing in those codes you get either from SMS or your authenticator app, you use the Yubikey as your authentication method.
Oh nice ! Thanks for the explanation. Is this type of authentication supported by many apps and services ? Can it completely replace an authenticator app on a phone ?
For services that support fido2 keys, Yes 100% it replaces TOTP apps. Most services do not support fido2 keys. Just services that are very security conscience. Google, Microsoft, GitHub, cloudflare, AWS, azure, anything with a high technical risk surface will support fido2 keys.
And amazingly, minimal to none online banking support
deleted by creator
I need a YubiKey to get 2FA code