Yubico - Security Key NFC - Basic Compatibility - Multi-factor authentication (MFA) Security Key, Connect via USB-A or NFC, FIDO Certified

YubiKeys are a must at every tech company I've worked for. They offer the highest level of security and are incredibly easy to set up. I’ve used them for over eight years, and they’ve saved me from multiple phishing attempts. If you see negative reviews, ignore them—it’s usually just a lack of technical know-how. Take the time to learn the system; the security payoff is worth it.

Pick up from Amazon locker in SF , FBA delivered very fast on the next day . It works perfectly and easy to set up for boa . A little bit expensive but will see the quality and get it updated on review later .

Side note - I use the open-source BitWarden password manager, which supports Yubikeys. BitWarden is free on multiple devices like PC, Mac, Linux, and your smartphone - for some of the bells and whistles like supporting a YubiKey you have to upgrade to their $10 a year plan, totally reasonable and you should support this company, they are great and my favorite password manager. Now - on to the Yubikey itself. One of the great selling points is that you cannot log on to services that support Yubikey (e.g. your bank, Facebook, Twitter, etc.) if you do not have physical possession of the Yubikey. If someone happened to obtain your User ID and password somehow, they still wouldn't be able to log in thanks to the Yubikey, so that is peace of mind. Speaking of peace of mind, do yourself a favor and buy 2 because you're going to want to store the backup key somewhere safe and easily accessible in case you ever lose your primary key. It is not technically necessary, but it would be an extra hassle to try and prove to the bank or other service that you are the actual client because you won't be able to log in without the key, so there is no easy password reset that you might be used to. Each company has different procedures if you have to call them if you lost your only Yubikey, for all they know you might be a leet hacker trying to social engineer them, so having the backup key gives peace of mind and you can avoid that problem if you are prone to losing things. In a digital world filled with passwords as long as the Great Wall and security measures more complicated than a Rubik's Cube, finding a solution that balances convenience and protection is a quest worthy of a tech-savvy knight. Enter the YubiKey 5 NFC – a pocket-sized guardian that brings a touch of magic to the realm of online security. At first glance, the YubiKey 5 NFC may seem like a humble USB stick, but beneath its unassuming exterior lies a treasure trove of security features that would make even the most paranoid IT guru grin like a Cheshire cat. With support for a myriad of authentication protocols, including FIDO U2F and FIDO2, OTP, PIV, and smart card, this little key unlocks a world of possibilities for safeguarding your digital kingdom. But what truly sets the YubiKey 5 NFC apart from its peers is its Near Field Communication (NFC) capabilities. With a wave of your hand (or a tap of your phone), you can seamlessly authenticate with your YubiKey using compatible mobile devices, turning your smartphone into a digital Excalibur that vanquishes would-be hackers with ease. Setting up the YubiKey 5 NFC is as simple as pie – even for those whose tech skills are as rusty as an ancient server rack. Just plug it into a USB port or tap it against your NFC-enabled device, follow the prompts to register it with your accounts, and voila! You're one step closer to digital invincibility. The YubiKey 5 NFC is a game-changer in the world of online security – a trusty sidekick for the modern-day digital hero. So, whether you're a code-slinging developer, a data-wrangling sysadmin, or just someone who wants to keep their online accounts safe and sound, the YubiKey 5 NFC is here to save the day (and your passwords). Final note - regular 2FA (two-factor authentication) of the type that sends you a text message with a ~6-digit code can be compromised by "SIM jacking" i.e. a hacker calls and socially engineers your cell phone plan provider like T-Mobile, AT&T, etc., and convinces them that the hacker is you, and you want to transfer your cell service to a new SIM card because you lost yours. The cell providers don't always do a great job in this situation and have been known to transfer your account to the hacker and their SIM card. I guess you would have to be a high-value target for something like this to happen, but it's good to know that the Yubikey protects you from this type of attack and has your back.

Works just as described!

I am hoping to use this as a UF2 device, but it causes every browser to prompt for a pin. It tries to press for FIDO protocols instead of the UF2 protocol its supposed to be capable of. I simply don't want to risk being locked out of my own accounts should something go wrong with a pin. This is unacceptable. Don't buy it unless you want to memorize a new pin#.

Arrived at the time specified. Great product for security.

After reading that even with 2-factor authentication [2FA] or one-time password [OTP] cyberthieves can gain access to your online accounts through a sim swap I thought I should get a physical security key. This little device stores information and generates one-time numbers for you to log in to a site, but you have to register it once, for each online account you use. A bit of online search suggested Yubikey 5 as an affordable, dependable and easy-to-use physical key. One was advised to buy two, with one as a back-up: if you lose one, you still have a second one. After the two keys arrived I tried it out. The first challenge: the key needs a USB-C port for connection to a laptop. My laptop has two USB-C ports. One is used for power, the other for the mouse receiver. So I bought a USB-C splitter. I should have checked online – I found out you can’t plug the power USB-C connection into a splitter [it does not charge], and the Yubikey is not recognized when sharing a spitter with the mouse receiver. However the biggest drawback is that mainstream financial institutions are not set up for use of a security key. One bank uses a security token [which is not the same as a security key], another only goes for two-factor authentication. Basically the only two common online sites for me were Microsoft and Google. Even that was not simple. When you plug the Yubikey into a working USB-C port, you apparently need to set up a pin but if that already exists or if you need to set up a new one is unclear. There is no ‘easy set-up’ or’ set-up for dummies’-something really simple that guides you through a Yubikey set-up even for Microsoft. The Yubikey instructions consist of a 130 page PDF filled with jargon. You apparently have to go into your computer’s Microsoft account settings to include a security key. Also did you know that for Google your pin [4 numbers] is not the same as your Google password? I locked myself out from including the Yubikey on the Google account because I could not understand what the pin was Google was asking for. In addition, I don’t think a security key solves the problem of a sim swap for the average person. Although you could use it to log into Gmail or Microsoft [provided you got that going] on your cell phone using near-field communication [NFC], people don’t usually log in to those accounts separately anyway on a cell phone. Once the phone is off the lock screen, most apps are ready to go without additional authentication. Maybe I am less smart than the average person but in the end, my two Yubikeys and the USB-C splitter will end up on the electronics trash pile.

NFC, touch, USB-C. All good. You can also use iPhone’s NFC to authenticate with this security key. Expensive though; double the price of USA.

I am quite new to using security keys like Yubikey and after seeing a friends account get hacked causing them lots of grief I thought about my own security. Setting these up is quite straight forward you download the Yubico authenticator app and set a pin. The pin is what you will use when you log into websites with the key that support these and get that pin wrong upto 8 times the Yubico will factory reset itself. The reason for this is if somebody steals your key it gives you that added protection. You can either use a yubico security key as the final step in 2factor authentication on a supported website or a passkey on a supported website. Support for these is a bit patchy and different websites might implement them a little differently. It's worth watching some tutorials on Youtube if you're a beginner and interested in these. There's other YubiKeys that offer more features so best do your research and choose the one that meets your individual needs. The Security key here is the most basic but does what I personally want. Pros - Stronger protection than say SMS codes for 2FA authentication. Only you have the physical key! - Setting them up as Passkeys offers strong protection against your login credentials being stolen and is convenient. Microsoft is one place that's starting to move away from Passwords and offer passwordless logins. It sounds less secure but it really isn't. Phishing is one of the leading ways hackers gain your credentials. Cons - You ideally need at least two in case you lose one, so keep one or more for a spares. - You have to weigh up your own security needs but it might be worth having another way into your account if you do lose or damage them. Websites typically offer multiple 2FA methods to confirm it's you. Only you can decide on your needs and your security will only then be as strong as the lowest method attached to that given account - A little learning curve but not difficult as such, like I say watch some tutorials if you're new

Good and practical product

Excelente, funcionando conforme o esperado

good quality