Ask me what’s on my keychain, and you’ll get the usual suspects: house keys, car keys, and what most people think is a flash drive. But it’s not. It’s a YubiKey security key, and it’s become as essential to me as my phone, or maybe even more.
After switching from passwords to passkeys, it didn’t take much time to realize that device-based passkeys have limitations. Every device needed its own passkey, and anyone with access to my laptop’s PIN could access everything on it. That’s when I invested in a YubiKey NFC key, a hardware security key, because it’s device-agnostic, uses its own PIN, and stores all my passkeys on the physical key itself. Now it goes everywhere I go.
YubiKey security keys offer secure, passwordless sign-ins
One key, multiple devices
One thing that makes a hardware key like YubiKey different from the passkeys on your phone or laptop is that everything stays on the physical key. When I create a passkey for GitHub or Google, that cryptographic credential lives on the YubiKey itself, not scattered across my devices’ secure storage, such as the Windows TPM chip or the iPhone’s secure enclave.
The YubiKey is a FIDO2-certified hardware authentication device and comes in multiple versions. My YubiKey Security Key NFC (cheaper $25 version) running firmware version 5.7.4, holds up to 100 passkeys directly on its chip. That might sound limiting, but most people don’t need more than that for their essential accounts like email, banking, and work tools. I’ve only occupied approximately 20 slots so far, so there’s plenty to go.
The security is exceptional because of how it works. Your private keys never leave the YubiKey as they can’t be copied, exported, or stolen remotely. Even if malware completely takes over your computer, it can’t extract those keys because they’re not stored on the computer at all. The worst an attacker could do is use your accounts while you’re actively logged in—but they can’t steal the keys themselves.
YubiKey works everywhere
Don’t need charging or battery replacement
With a YubiKey, I create one passkey per account, and it’s a one-time process. Then I can use it on any device without worrying about which passkey belongs to which device, or about ecosystem lock-in or sync issues. Since the security key is not platform-specific, it works everywhere, including on Windows, Mac, Linux, Android, and iOS devices.
I’ve used it on my work laptop, personal phone, and even library computers when traveling. Google, Microsoft, Apple, Amazon, PayPal, and dozens more support it. You can see the complete list of supported services in the FIDO directory for passkeys.
Setting up a security key is as easy as following the on-screen instructions. First, check if the service you want to set up a passkey supports it. If they do, they’ll likely have an easy-to-follow guide to set up a security key.
After registering the YubiKey, you may need to generate backup codes (in case of Google accounts) and save them somewhere safe, like a password manager. This is critical because if you lose the key, you’ll need the backup code to recover your account. If you can, use another YubiKey as a backup and store it in a safe place at home.
When I need to sign in, I plug in the key, enter its PIN, and tap the metal contact to confirm that I am physically present—the website communicates with the YubiKey via the FIDO2 protocol. The key verifies the website’s legitimacy, confirms my identity, and provides the cryptographic signature needed to log me in.
It’s built tough
Crush-resistant shell and IP68 rating
My YubiKey has been on my keychain for over six months now, jangling alongside my house and car keys. It’s been dropped on concrete, sat on while in my back pocket, and accidentally gone through a wash cycle when I forgot to empty my pockets. It still works perfectly.
The YubiKey Security Key is made from glass-reinforced plastic with no battery or moving parts. It’s IP68-rated, meaning it’s completely dustproof and can withstand immersion in water for extended periods. The crush-resistant shell can withstand significant force, more than enough to survive daily abuse on a keychain.
However, the durability is not just about surviving accidental drops or wash cycles; it is also about hardened security for your online accounts. If I ever need to use a computer that I don’t own, security keys offer a more secure sign-in without exposing my password to the host computer. All I need to do is plug it in, authenticate with a PIN, and I’m in.
A hardware key is a great way to secure your most critical online accounts
A YubiKey is built to last and works like a physical key to your locker—except it’s far more secure and nearly impossible to crack or clone. Yes, you could lose something flash drive-sized, just like any key on your keychain. But unlike a physical key, you have recovery options: backup codes or a secondary hardware key stored safely at home.
For anyone frustrated with passwords or concerned about security, a hardware key like the YubiKey is worth considering. At $25–50, depending on the model, it’s a one-time purchase that works across all your devices and accounts. It offers unmatched security with surprising convenience—no subscriptions, no per-device setup, just plug in and authenticate. It’s the simplest security upgrade I’ve ever made.