Why you can trust ZDNet
Our recommendations are based on many hours of testing, research, and comparison shopping. We may earn a commission when you purchase a product through our links. This helps support our work but does not influence what we write about or the price you pay. Our editors thoroughly review and fact check every article. Our process

‘ZDNet Recommends’ What exactly does that mean?

ZDNet’s recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNet nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNet's editorial team writes on behalf of YOU, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form

Close

YubiKey Bio builds biometric authentication into a security key

The new YubiKey Bio brings a passwordless world one step closer.

ZDNet Recommends

Best security key 2021

While robust passwords go a long way to securing your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read More

Today sees YubiKey security keys become even better with Yubico's launch of the YubiKey Bio — biometric authentication built right into a security key, allowing for quick, simple, and streamlined passwordless authentication for desktop-based FIDO-supported services and applications.

The YubiKey Bio uses a three-chip architecture that stores the biometric fingerprint in a separate secure element, offering protection from physical attacks.

This, according to Yubico, allows the YubiKey Bio to "act as a single, trusted hardware-backed root of trust which allows the user to authenticate with the same key across multiple desktop devices, operating systems, and applications."

For when biometrics are not supported, users can enter a PIN entered during the initial setup.

By having everything built into the key, it means that authentication mechanisms are protected from tampering even if the host systems are compromised.

The keys can be managed using the Yubico Authenticator for Desktop, an app that is available for Windows, macOS, and Linux. This is used to enroll new fingerprints and add or delete fingerprints when native platform and browser capabilities are limited.

Customers should choose the YubiKey Bio if they are:

  • Securing an account with a service that supports only FIDO U2F or FIDO2/WebAuthn protocols
  • Authenticating using a desktop device
  • In cloud-first environments
  • Using shared workstations and are in mobile-restricted environments

However, there are situations where users will be better off using the YubiKey Series 5 keys :

  • They require broader form factors and NFC support
  • The users need to work across desktop and mobile devices
  • Users need to support applications and services using a range of protocols such as OTP, FIDO U2F and FIDO2/WebAuthn, and Smart card/PIV
  • They are securing legacy and modern environments offering a bridge to passwordless, utilizing non-FIDO protocols

YubiKey Bio: Impressive tech

I've had my hands on the YubiKey Bio for the past few days, and I have to say that they are an impressive bit of technology. The biometric reader is fast and super reliable, and the whole robust package is everything I've come to expect from Yubico.

The YubiKey Bio enables biometric login on desktop with all applications and services that support FIDO protocols, as well as offering out-of-the-box support for Citrix Workspace, Duo, GitHub, IBM Security Verify, Microsoft Azure Active Directory and Microsoft 365, Okta, and Ping Identity.

The YubiKey Bio Series is available in USB-A and USB-C form factors, and keys are priced at $80 and $85, respectively. They are available for purchase from Yubico.