The YubiKey 5 FIPS Series is a hardware based authentication solution that provides superior defense against phishing, eliminates account takeovers, and enables compliance requirements for strong authentication. This series of security keys are FIPS 140-2 validated (Overall Level 2, Physical Security Level 3.) and meet authenticator assurance level 3 (AAL3) of NIST SP800-63B guidance.
Choose from six different YubiKey models depending on your needs. The keychain model is designed to go anywhere on a keychain. The Nano model is small enough to stay in the USB port of your computer. Multiple form factors with support for USB-A, USB-C, NFC and Lightning. The YubiKey 5 FIPS Series is IP68 rated, crush resistant, no batteries required, and no moving parts.
Cryptographic module validation testing is performed using the Derived Test Requirements [DTR] for FIPS PUB 140-2, Security Requirements for Cryptographic Modules. The DTR lists all of the vendor and tester requirements for validating a cryptographic module, and it is the basis of testing done by the CST accredited laboratories.
Manufactured securely in the United States using stringent processes and secure supply chain for trustworthy components, Yubico solutions are fully vetted and approved for sale throughout the public sector, both domestically and abroad.
FIPS 140-2 Validated (AAL3) of NIST SP800-63B guidance
Support for WebAuthn, FIDO U2F, FIDO2 Passwordless, smart card (PIV), Yubico OTP, OATH-TOTP, OATH-HOTP, and Challenge-Response
Easily configure multiple protocols across computers, networks, and online applications and services
No battery or network connectivity required, users simply insert and tap to authenticate
- Supported protocols: FIDO2/WebAuthn, FIDO U2F, smart card (PIV), Yubico OTP, OATH-TOTP, OATH-HOTP, OpenPGP, and Challenge Response
- Works on Microsoft Windows, Mac OS X, Linux, Chrome OS operating systems, and on major browsers
- PIV smart card compatible, minidriver available on Windows
- Support for PKCS#11
- Crypto Algorithms: RSA 2048, ECC p256, ECC p384
- Hardware secure element to protect cryptographic keys
- FIPS 140-2, Overall Level 1 (Certificate #3907) and Level 2 (Certificate #3914), Physical Security Level 3
- Validated to NIST SP 800-63-3 Authenticator Assurance Level (AAL) 3 requirements
- DOD Cybersecurity Maturity Model Certification (CMMC) Level III compliant
- Support for DFARS/NIST SP 800-171
- WebAuthn/FIDO/FIDO2 compliant
- Approved for use in DOD Non-Classified and Secret Classified Environments
