Yubikey Two Factor Authentication

Yubikey is a security device from the innovative Swedish startup Yubico. It is a very small piece of hardware, in the form of a USB key that fits on your key chain. What makes Yubikey so smart is that it does not need any client software and it can be used on any computer with a USB port.

The intended use is for secure and efficient authentication of users to services over the Internet. It works just like a computer keyboard connected to a USB slot. In fact, it is more or less a computer keyboard, since all it does is to simulate a keyboard in order to enter long passwords into textboxes when you want to login to for example a web site.

The Yubikey has one button. If you insert the Yubikey into a computer and press this button, it generates the user’s identity and a passcode, just like if you would have written it yourself on the keyboard. It is possible to re-program a Yubikey to for example generate static (never changing) passcodes instead of the default which are so called one time passcodes (hereafter called OTPs).

The Yubikey is used for applications such as to login to single-sign-on services such as OpenID and MashedLife.com, Microsoft Windows, blogs, forums, and more. In most cases one time passcodes, OTPs, are used and validated against some validation server. The yubikey can also be used completely offline without validation, for example to enter a complex but static passcode to unlock an encrypted disc that is protected with TrueCrypt.

To order a Yubikey online click here. For more information visit Yubico’s website.

3 Replies to “Yubikey Two Factor Authentication”

  1. I’m using my Umikey with MashedLife.com, who also offers different kinds of USB keyboard based crypto keys at a much more affordable price. This is becoming the main stream. I think.

  2. Hi May!

    The Umikey’s are more or less a ‘cheap’ rip off of the Yubikey. They don’t include a open source API or a technical documentation regarding their OTP implementation. This is outlined here: http://forum.yubico.com/viewtopic.php?f=6&t=337.

    Regardless, for a casual user wanting to leverage the MashedLife service or use two factor authentication with KeePass (www.keepass.info), the Umikey is a slightly cheaper alternative to the Yubikey.


  3. UmiKey does offer open-source API at: http://umikey.com/sdk/docs/en_index.php

    I just bought a Umikey a month ago, and I’m impressed with its affordable price and user-friendly tools. From a user perspective, I recommend Umikey since all apps it claims to integrate with, works flawlessly.

    Yubikey, though claims tons of apps supporting it, most half-cooked hacks and either not working or require tremendous tweaking to make it work. It is far from mature for day-to-day uses. I’m particularly disappointed with the claimed integration with TrueCrypt. That is just a static password!!! I feel like a fool when I discovered that. I like Yubikey but I’m very sick of the way they hype things and the ridiculously high price.

Comments are closed.