The YubiKey is a collection of hardware authentication devices manufactured by Yubico AB (Nasdaq Stockholm: YUBICO), a company founded in 2007 by Jakob and Stina Ehrensvärd and headquartered in Stockholm, Sweden, with an American subdivision incorporated in Santa Clara California.
As of March 2026, the YubiKey range includes a number of devices that support the FIDO2 authentication standard and come in various sizes and interface formats. The flagship YubiKey 5 Series also supports a number of other industry standards including OATH, PIV and OpenPGP, as well as a legacy proprietary "OTP" applet with various functions. Yubico also offers a hardware security module, the YubiHSM 2. The YubiKey 5 Series and YubiHSM 2 have FIPS 140-2–certified versions for government or enterprise clients subject to regulatory requirements.
YubiKeys can be used to authenticate access to websites, apps, operating systems, remote servers, networks and other environments, with some YubiKey products also supporting encryption/decryption (of files or messages) and digital signing. The name "YubiKey" derives from the phrase "your ubiquitous key" and "yubi", the Japanese word for finger, emphasising the YubiKey's versatility and the physical touch used to verify the user's presence.