The YubiKey is a hardware authentication device manufactured by Yubico to protect access to computers, networks, and online services that supports one-time passwords, public-key cryptography, and authentication, and the Universal 2nd Factor and FIDO2 protocols developed by the FIDO Alliance. It allows users to securely log into their accounts by emitting one-time passwords or using a FIDO-based public/private key pair generated by the device. YubiKey also allows for storing static passwords for use at sites that do not support one-time passwords. Both Google and Facebook use YubiKey devices to secure employee accounts as well as end user accounts. Some password managers support YubiKey. Yubico also manufactures the Security Key, a similar lower cost device with only FIDO/U2F support.
The YubiKey implements the HMAC-based One-time Password Algorithm and the Time-based One-time Password Algorithm, and identifies itself as a keyboard that delivers the one-time password over the USB HID protocol. A YubiKey can also present itself as an OpenPGP card using 1024, 2048, 3072 and 4096-bit RSA and elliptic curve cryptography p256 and p384, allowing users to sign, encrypt and decrypt messages without exposing the private keys to the outside world. Also supported is the PKCS#11 standard to emulate a PIV smart card. This feature allows for code signing of Docker images as well as certificate based authentication for Microsoft Active Directory and SSH.
Highest paying job titles at Yubico include Software Engineer, Senior Front End Software Engineer, and Back-End Software Engineer