Back

Definition
A YubiKey is a hardware security key used for strong authentication. It plugs into a device or connects wirelessly and verifies a user’s identity using cryptographic protocols such as FIDO2, U2F, or one time passwords, without relying on passwords alone.

Why it matters
YubiKeys provide phishing resistant authentication by requiring physical possession of the key. This significantly reduces the risk of account takeover caused by stolen passwords, credential reuse, or phishing attacks, making them a trusted option for high security environments.

Example use case
An employee logs into a corporate dashboard by entering their username and then tapping their YubiKey. Access is granted only if the physical key is present and verified.