YubiKey 4

YubiKey 4

  • Two-factor authentication made easy for hundreds of services
  • Smart card (PIV), Yubico OTP, OATH-TOTP, OATH-HOTP, FIDO U2F, OpenPGP, Challenge-Response
  • USB Type A compatible
  • Extremely durable and rigid; crush and water resistant
  • Attaches to house and car keychain

Two-factor authentication made easy for hundreds of services!

YubiKey 4 is a USB device that you use in combination with your username/password to prove your identity. With a simple touch, YubiKey 4 protects access to computers, networks, and online services.

All-in-one configurable security key performs: smart card (PIV), Yubico OTP, FIDO U2F, OpenPGP, OATH-TOTP, OATH-HOTP, and Challenge-Response. Yubico offers free and open source tools to configure the YubiKey yourself.

Easier and safer than authenticator apps: No more reaching for your smartphone to re-type passcodes that you receive via SMS or from an authenticator app. Just plug in your YubiKey, tap, and it does the rest for you.

Works out of the box with hundreds of applications: Use it with popular services like Facebook, Gmail, GitHub, DropBox, Dashlane, LastPass, Salesforce, Duo, Docker, Centrify, and hundreds more. Configurable for computer login (Windows, Mac, Linux). Follow the instructions that each service provides, to register your YubiKey.

Using your YubiKey: Go to yubico.com/start for instructions on how to register your YubiKey with each service. Steps to enroll your YubiKey 4 may differ from service to service. Yubico has provided steps based on their own testing, and links to those services for full instructions.

USB Type A compatible: Plugs into USB Type A ports. Purchase adapters for devices that feature lightening or USB-C ports to perform one time passwords.

Extremely durable (IP67 class rating by IEC 60529): High quality, crush-resistant, and water-resistant.

Attaches to house and car keychains.

Manufactured in USA and Sweden with high security and quality in mind.

List Price: $ 40.00

Price: $ 40.00

3 thoughts on “YubiKey 4”

  1. 142 of 146 people found the following review helpful
    4.0 out of 5 stars
    Great device for secure two factor authentication – not for everyone, March 27, 2016
    By 
    Jeff (Lodi, CA USA) –

    Verified Purchase(What’s this?)
    This review is from: YubiKey 4 (Accessory)
    This is an excellent device and I strongly recommend it if you use a password manager that supports it (Last Pass, Dashlane, etc). The benefit of this device with a Password Manager is you can enable two factor authentication to add a new device capable of signing into your account. In short, it doesn’t matter if someone knows you master password, they can’t add a device (computer capable accessing your account) unless the have they have a Yubikey.

    To add a phone or tablet that doesn’t have a USB, use this device on a computer to temporarily disable the two factor Yubikey authentication, add your Device, then reable the key. I recommend getting a backup key or if your spouse or partner uses one, register both keys on each other’s account. This will save headaches if the device is lost.

    This security key has the ability to maintain two two security access methods, e.g., Smart Card and Fido U2F. Be aware this comes with no documentation at all! I mean none – while there is a lot of information on their website and on the Dashlane Password Manager website, you get the feeling that these products are aimed at a narrow group of IT savvy individuals or organizations with IT specialists to configure them for staff.

    I hope this review is helpful!

  2. 77 of 80 people found the following review helpful
    5.0 out of 5 stars
    Get two if you are considering it., January 17, 2016
    By 
    Tom is a nerd (Atlanta, Ga) –

    Verified Purchase(What’s this?)
    This review is from: YubiKey 4 (Accessory)
    I bought this to figure out how it worked. Its silly easy. Basically it can integrate with almost any authentication YOU own. As far as third party it can be made to work (easy) with anything that is always online. If your using it to authenticate to something offline it can do a challenge response and the configuration seems quite secure.

    You already know its practically indestructible.

    Love it, you probably don’t need this newest nicest one, but I do strongly recommend getting two, and configuring them with your services at the same time, that way if the key is lost or stolen you don’t have to jump through password recovery hoops.

  3. 19 of 19 people found the following review helpful
    3.0 out of 5 stars
    Would have bought something else it if I knew then what I know now, August 16, 2017
    By 

    Verified Purchase(What’s this?)
    This review is from: YubiKey 4 (Accessory)
    I bought it primarily for PGP encryption on Linux desktops. I bought this under the impression that this was more open source than it actually is. In the process of trying to get this to work and troubleshoot, I’ve come across information which may have led me to buy something like Nitrokey instead (not available on Amazon at this time).

    I didn’t know at the time of purchase, but a discussion on had Github caused a controversy. I find the company’s attitude towards security troublesome. In a blog post, they respond to the controversy with excuses and push a security-through-obscurity narrative. They don’t release specifications or emulators for their devices. Having code / firmware / blueprints secret makes end users less secure. They want users to trust them rather than their device earning trust on its demonstrable technical merit. They ask their customers to have faith that there are no bugs or backdoors that hackers or governments can exploit to steal their customers’ keys.

    Since Amazon reviews don’t allow hyperlinks, I cannot cite sources but you can look this up yourself. Corporate ethics aside, here is my experience on Linux Mint (Ubuntu):

    it took a while to set up correctly. The documentation was hit-or-miss. It does not work with Ubuntu 14.04 LTS, so I upgraded my system from Linux Mint 17 to 18 (based on Ubuntu 16.04 LTS). I’ve been using it with gpg2. I’ve spent a lot of time trying to track down a bug where the Yubikey will not reprompt for PIN after it is unlocked for the first time. I’ve spent a lot of time and tried many different steps to set a timeout. I’ve tried searching the web for help with this problem, but I’ve basically only come across users with the same unanswered question. Or they have a similar question and say they get it working but repeating their steps don’t work for me. I’d be more comfortable if I could have my PIN required every time. At this time I don’t know if the PIN is being cached by desktop software or the Yubikey.

Comments are closed.