Introduction to the YubiKey 5 Series¶
The YubiKey 5 Series security keys offer strong authentication with support for multiple protocols, including FIDO2, which is the new standard that enables the replacement of password-based authentication. The YubiKey strengthens security by replacing passwords with strong hardware-based authentication using public key cryptography.
For an overview on setting up two-step verification in a typical case, see Google on using a security key for 2-step verification.
- For those who just want to use a YubiKey without programming anything, the most useful part of this guide will be Physical Interfaces: USB, NFC, Apple Lightning®, which describes how the YubiKey connects, and indicates what it can connect to.
- The full list of the services that work with YubiKeys is on Yubico’s Works With YubiKey page.
- Most of the rest of this guide targets systems integrators, IT teams, or developers who expect to integrate support for YubiKeys into their environment.
All the YubiKeys in the 5 series have the basic functionalities and capabilities described in this guide. It is the firmware version that determines which of the more specialized functionalities and capabilities are available to you. The firmware on the different keys in the 5 series varies depending on when the key was manufactured.
The YubiKey firmware is separate from the YubiKey itself in the sense that it is put onto each YubiKey in a process separate from the manufacture of the physical key. Nonetheless, it can be neither removed nor altered. Yubico periodically updates the YubiKey firmware to take advantage of features and capabilities introduced into operating systems such as Windows, MacOS, and Ubuntu, etc., as well as to enable new YubiKey features.
The firmware version on a YubiKey or an HSM therefore determines whether or not a feature or a capability is available to that device. The quickest and most convenient way to determine your device’s firmware version is to use the YubiKey Manager tool (ykman), a lightweight software package installable on any OS. The YubiKey Manager has both a graphical user interface (GUI) and a command line interface (CLI).
- Download the YubiKey Manager tool: https://www.yubico.com/products/services-software/download/yubikey-manager/
- YubiKey Manager (ykman) CLI & GUI Guide
The features and capabilities made available by the 5.4 firmware are described in 5.4 Firmware: Overview of Features & Capabilities.
For more specialized requirements, refer to the guides for the tools for YubiKey configuration, described more fully in Tools and Troubleshooting.