The YubiKey is a collection of hardware authentication devices manufactured by Yubico AB (Nasdaq Stockholm: YUBCF), a company founded in 2007 by Jakob and Stina Ehrensvärd and headquartered in Stockholm, Sweden, with an American subdivision incorporated in Santa Clara California. Yubikeys are used to protect access to computers, networks, and online services and support various authentication protocols including one-time passwords (OTP), public-key cryptography, authentication, Universal 2nd Factor (U2F) (which Yubico developed with Google), FIPS 201 personal identity verification, WebAuthn, and FIDO2. As of January 2026, there are five models of Yubikey devices, including the 5 Series, 5 FIPS Series, Key Series, Bio Series, YubiHSM 2, and YubiHSM 2 FIPS.
Yubikeys support HMAC-based one-time password (HOTP) and the time-based one-time password (TOTP) algorithms, and identifies itself as a keyboard that delivers the one-time password over the USB HID protocol. Some models can also present itself as an OpenPGP card for message and file encryption. Also supported is the PKCS#11 standard to emulate a PIV smart card. This feature allows code signing of Docker images as well as certificate-based authentication for Microsoft Active Directory and SSH.