Businesses, schools and freelancers all often struggle with managing passwords and securely logging into different systems. YubiKey key fobs provide intuitive and secure authentication - whether in the form of classic multi-factor authentication (MFA) or as a modern Passkey, where a key fob and PIN is all that is required. Users no longer need to remember complex passwords and logging in is also resistant to phishing.

Call

Many of us still rely on traditional passwords or mobile apps to generate codes. This brings several problems:

• Users must remember complex passwords for different services, ideally a unique password for each service.
• Logging in via mobile apps is slow and cumbersome, especially when switching between services frequently.
• Traditional SMS or time code authentication is not completely immune to phishing attacks, which increases the risk of data leakage.

So is there a solution that is secure, fast and intuitive, while reducing dependence on mobile phones and complicated passwords?

Implementation

The use of YubiKey key fobs brings several key advantages:

• Passkey login: Users simply insert the key fob into the USB port or attach it to the NFC, enter the PIN and login is complete. The entire process is done locally through the operating system, making it phishing-resistant.
• Classic MFA: YubiKey can also be used as a traditional second factor login, adding security to existing accounts for services that don't yet allow Passkey.
• Wide compatibility and simplicity: the key fob can be worn on your keys, no need to install authentication apps on your mobile phone or operating system.
• Keychain has a number of other useful features such as: storing passwords, SSH keys, digital signature certificates,
• You can choose from different formats (microUSB, USB A or USB C, NFC, or fingerprint authentication instead of PIN).
• The key rings are resistant to water, dust and mechanical damage.

Technical window for advanced users

YubiKey uses the FIDO2 protocol and Passkey authentication - all authentication takes place locally on the device, not via a remote server, so the login is resistant to phishing, or theft of login credentials.

The PIN protects the key fob itself, so losing or stealing the key fob is not an immediate risk.

Multi-account support allows you to have one key fob for multiple services, simplifying identity management.

Thanks to the USB/NFC interface, YubiKey is compatible with Windows, macOS, Linux and mobile devices.

Conclusion

YubiKey key fobs bring a modern, secure and convenient login solution for organizations of all sizes. Whether used as a traditional MFA or Passkey, users get a fast, intuitive and phishing-resistant login, and organizations reduce the risk of data leakage.

Do you want to simplify logging into your organisation and increase data security? Contact us and we'll be happy to help you deploy YubiKey key fobs to suit your needs.

FAQ

1. What is Passkey and how it differs from traditional multi-factor authentication (MFA)

Passkey is a method of authentication where the user logs in using only a key fob and PIN. Unlike traditional MFA with time codes or SMS, Passkey is resistant to phishing because authentication is done locally rather than by sending authentication to a login server.

2. What happens if I lose my YubiKey?

The key fob is protected by a login PIN. If it is lost, it can easily be locked in your account and backup access can be activated to prevent your account from being compromised. The key fob is also protected by a management key, without which no changes can be made, e.g. to certificates.

3. Can I use one key fob for multiple services?

Yes, YubiKey supports multiple accounts and services. Just register it with individual services or apps. That's the magic of simplicity, one key for everything.

4. Is it necessary to have a mobile phone?

No, you log in directly via YubiKey - no authentication apps or mobile devices are required.

5. How much does a Yubikey keychain cost?

When you buy a keychain in online stores, you can come across a price of around 1600 CZK. For our partners and customers we offer a discount of min. 10 % or a form of rental with monthly payment. However, you buy a keychain once and you have it forever, so for a price far less than a year's subscription to Netflix you get very good security.

6. What does the key fob do besides logging in?

Yubikey keychains are not only useful for logging into internet services, but you can also upload a certificate for digital signature, SSH key for logging into servers, store static passwords, set up time codes (OTP), fingerprint authentication. However, it always depends on the model and firmware version, we will be happy to advise you on choosing a suitable key fob.