YubiKey 5C NFC Review: The Best Hardware Security Key

There are many ways to secure your online accounts, such as strong passwords, Two-factor authentication like text message codes (OTP), or a 3rd-party authentication app. Even though these methods provide an additional layer of security, sometimes vulnerable to cyber-attacks. One of the best and the most widely used security techniques is hardware-based security keys and the Yubico is one of the most popular security key providers among a few key providers globally.

Adding a security key like YubiKey or any other key from a different brand like Titan Security Key from Google is one of the best ways to keep your account safe. These keys work on top of your passwords. So, even if someone got hold of your password, the person cannot authorize a login without the security key. Also, you don’t need multiple keys to authorize more than one account. One single key can be used with multiple online accounts such as Google, Facebook, Twitter, etc.

Yubico has a wide range of products in its portfolio to fulfill the needs of individuals as well as corporations. YubiKey 5C NFC is the latest addition to its popular YubiKey 5 series and comes with a USB-C plug and built-in NFC for hassle-free connectivity. The YubiKey 5C NFC is fully compatible with Android, iOS, Windows, macOS, and also Linux. You can easily connect the key to any of the compatible devices such as Smartphones, Laptops, and desktops, or tap the key on the devices with built-in NFC.

YubiKey 5C Package

YubiKey ships the device in secure blister packaging just like a regular tablet strip. The key sits inside a hard plastic shell, and it’s almost impossible to temper the package without showing any visible signs of wear.

YubiKey 5C Design

The YubiKey 5C NFC has a slim USB thumb drive-like design and features a fiberglass reinforced body, and military-grade hardened gold to provide enhanced protection from day-to-day usage. Additionally, the key is water-resistance and also crush-resistant. There is a button (gold ring) at the center and a keyring hole at the top. The button is touch-responsive and not clickable. The ‘y’ logo on the button is backlit, and the green color light glows during the authentication process or when you tap on it.

The YubiKey 5C NFC doesn’t require any battery or network connectivity to start working. Once you plug the key into a compatible device, the application or the service validates the security key when you tap on the button. The key also supports multiple security protocols such as WebAuthn, FIDO2, FIDO U2F, smart card (PIV), Yubico OTP, OpenPGP, OATH-TOTP, OATH-HOTP, and Challenge-response.

How Does the YubiKey 5C NFC Work?

Nowadays, USB-C port is quite common in smartphones or laptops. So, you can make the best use of YubiKey 5C NFC. As it offers two ways of connectivity, you can directly plug the USB-C plug into the laptop or simply tap the key on the rear end of your smartphone that has the built-in NFC like the OnePlus Nord.

Let’s take an example. Assume your email account is secured using a 2FA method. This means, if you need to access your email, first you need to enter your email id, and password, and then, a code is generated through the 2FA app or an OTP is received through the SMS.

It’s quite time-consuming as the code delivery can take between a few seconds and several minutes. Also, you must have your phone with you all the time to get the SMS or generate the code. Additionally, if you don’t use any apps to generate the codes, your phone should always be connected to a mobile network to receive the OTP. Else, you cannot access your account unless you have the backup code with you.

To eliminate such requirements and to enhance the security of your account, hardware-based security keys such YubiKey 5C NFC is used. If your account is protected using the YubiKey 5C NFC (or any other hardware-based key), simply enter the username, and password and then plug the YubiKey into the USB port of the device you’re using. That’s it. The account automatically validates the password with the USB key and gives you instant access to your account.

Note: You can use YubiKey with a countless number of services such as Gmail, Facebook, Twitter, etc. applications. Once you register the key with a particular service (ex: Gmail) each service will simply request you to insert and tap your YubiKey to gain access during login.

Yubico Authenticator (2FA)

An app such as Google Authenticator, Microsoft Authenticator, etc., uses your device to generate access codes. These codes are temporary and expire in 30 seconds. This means the generates a new code every 30 seconds, and you need to enter these codes while logging into your 2FA-enabled account. All such apps store these keys on your phone, and a few apps also allow you to back up these keys online.

One of the best advantages of the YubiKey is the keys are stored in the YubiKey itself rather than the phone or the cloud. YubiKey has its own application called Yubico Authenticator. The app is available for Android, iOS as well as Windows, Mac, and Linux o. Once you install the app on your phone, you need to validate the key by connecting it or by tapping it on the back of your phone (in the case of NFC).

Once the key gets validated, you can add 2FA protection for your services that don’t support hardware-based keys. As all the codes are stored in the key itself, it makes it very easy to move between multiple phones. All you need to do is, install the app on the new or another phone and insert YubiKey to get the codes. You can download the Yubico Authenticator app here.

YubiKey Static Password

Like most YubiKey variants, YubiKey 5C NFC also supports Static Password. This feature splits the password into two parts. The first part is your password, and YubiKey takes care of the second part. Let’s take an example. Cheese777 is the password you are planning to set. The password is easy to remember, but, at the same time, it’s also easy to guess. Using the Static Password, you can make this password stronger and nearly impossible for someone else to guess.

Enter Cheese777 in the password field and insert the Yubikey into your PC’s USB port and then tap and hold the YubiKey button for at least 3 seconds. YubiKey automatically adds additional characters in front of the password you’ve entered. Now, your password becomes Cheese777UT24tchudhrbvblthnvrtifer, where “Cheese777” is a manually entered password by you and “UT24tchudhrbvblthnvrtifer“ is stored in and entered password by the YubiKey.

There is no need to remember the password entered by YubiKey. Next time, during the login, simply enter the username in the username field, and type the first part of the password in the password field i.e., Cheese777 and then insert the YubiKey and press and hold the button for three seconds. YubiKey automatically enters the second part of the password.

Note: You need to tap and hold the button for at least 3 seconds to get the static password. Tapping the button once or for a second or two will generate an OTP string, and that’s not your static password. So, make sure you’re pressing the button for at least 3 seconds.

By default, YubiKey 5C NFC doesn’t include any static password, and you need to configure the Static Password using the YubiKey Personalisation Tool. Using the tool, you can create your own static password with Upper & lower case, Alphanumeric, etc. To set a Static Password for the YubiKey 5C NFC:

• Open YubiKey Personalisation Tool
• Insert the YubiKey
• Click on the Static Password on the top menu and select Advanced
  1. Select Configuration Slot 2
  2. Select the Password Length – 16 or 32 characters
  3. Generate a Private Identify Key by clicking the Generate button
  4. Generate Secret Key by clicking the Generate button
  5. Select Strong Password Policy as per your requirement – Check or Uncheck
  6. Click on the Write Configuration button to complete the process

You can also check the generated static password on your computer or mobile. Simply open any text editor like Notepad or Microsoft Word. Press and hold the button for 3 seconds and the static password will be typed into the text editor. Check this link for more information on the Static Password.

YubiKey 5C NFC Features

• Saves a lot of time – No waiting for SMS
• No batteries or network connectivity required
• Built-in NFC for instant access
• Secured with multiple protocols
• No 3rd-party apps are required for validation
• Intuitive user experience and fast setup
• One device can be used with hundreds of sites
• Fiberglass reinforced bodies and military-grade durability
• Compact design and can be easily kept inside your wallet
• 4X faster than SMS-based authentication and more secure
• Works right out of the box – No internet connection needed to activate the key
• Works across major operating systems – Windows, macOS, iOS, Android, and Linux
• Compatible with leading browsers such as Google Chrome, Edge, etc.
• Made in USA/Sweden
• Cross-platform tools to configure the Key
• Static Password with easy configuration

How to Use YubiKey with Google Account

Setting up the YubiKey with your Google Account is easy and will take about five minutes. Make a note that, here, you’re adding a security key to your Google Account means the key works with Gmail, Google Photos, Google Drive, and all other official Google services associated with your Google account. To add a key to your Google account:

• Open https://accounts.google.com/
• Sign-in using your email id and password
• Click on the Security tab
• Scroll down a bit and select 2-step Verification
• Enter your password to proceed to the next step

• In the 2-step verification page, scroll down and select Add Security Key
• Select USB or Bluetooth
• Click on Next from the pop-up
• Enter the password to proceed to the Next step

• Once you click on the USB or Bluetooth, you’ll be asked to insert the security key. Insert the YubiKey 5C NFC into the USB port.
• Once you connect the key to the USB port, the ‘y’ logo on the button starts glowing. Tap on the button.

• You’ll get a notification from your web browser saying, “myaccount.google.com wants to see the make and model of your security key”.
• Click on Allow.

• That’s it. The security key will be added to your account instantly. You’ll get a confirmation saying ‘Security Key Registered’.
• Give a name to the security key (Ex: Key1 or YubiKey 5C NFC)
• Click on Done to complete the process

To use the YubiKey with the Google account:

• Open https://mail.google.com/
• Enter your Username and Password
• You’ll be asked to insert the Security Key. Insert your YubiKey 5C NFC into the USB Port
• Tap on the Button
• Click on Next
• That’s it. You’ll be redirected to your Inbox.

Pro’s & Con’s

YubiKey is one of the most popular security key providers in the world, and the YubiKey 5C NFC series ticks all the right boxes. The key is specifically designed for new-generation devices with a USB-C port or NFC. The design is durable, and you can even keep the key in your wallet. Works flawlessly with popular operating systems and also leading browsers.

YubiKey supports a wide range of security protocols and makes it compatible with more online accounts than most other security keys currently available in the market. Apart from the compatibility, Yubico also provides excellent documentation which is more than enough for newbies to set up and configure the key without any help from technical support.

Even though the key works absolutely fine with most of the applications and services on mobile, certain features can only be accessed through the computer like resetting the FIDO2 password, etc. The YubiKey 5C NFC is priced slightly higher as it offers the USB-C port and also NFC. If you are looking for a cheaper security key, then, you’ll get a few other options like Security Key NFC by Yubico or Titan from Google that start from $25. If you are a person who uses USB-C-supported devices on a daily basis and is more concerned about compatibility, then, YubiKey 5C NFC is the best hardware security key around right now.

YubiKey Frequently Asked Questions (FAQ)

Does YubiKey 5C NFC Work with Smartphones?

Yes. YubiKey 5C NFC works with all smartphones or iPhones with USB-C ports or NFC.

What if I’ve Lost My Security Key?

The best way is to purchase two security keys. One primary key is for daily use, and another key is a backup just in case one is lost or stolen. Make sure you pair both keys to all of your accounts and keep the backup key in a safe place. Alternatively, you can set up an additional backup two-factor authentication method like SMS or a third-party authentication app.

What if the Browser I Use Doesn’t Support Security Keys?

As of now, YubiKey is supported on leading browsers like Google Chrome, Safari, Opera, Microsoft Edge, and Firefox. If you use some other browser, you’ll have to set up an additional two-factor authentication method such as SMS, or a 3rd-party authentication app like Google Authenticator, Microsoft Authenticator, etc.

What Happens if My Security Key Gets Stolen?

Security key works on top of passwords and is not a replacement for your password. If your YubiKey is stolen, the person in possession of your security key will not be able to log in to your account unless he knows your username and password. In such cases, if you have a backup key, then blacklist or remove the stolen key from all your services. If you don’t have a backup key, use the backup method and remove the stolen key from all of your accounts immediately.

Can I Use the YubiKey with My iPhone?

Yes. You can use the YubiKey with your iPhone, but it depends on which iPhone you use. If you use iPhone 7 and newer models, you can use the YubiKey 5C NFC or the YubiKey 5C. But if you use iPhone 6S or older versions, you’ll have to use the YubiKey 5Ci because it includes a Lightning port and a USB-C port.

Can I Use the Same YubiKey to Log in to Facebook and Twitter?

Yes. You can use the same YubiKey to log in to Facebook and Twitter. There are no restrictions on the number of applications you use. You can use it on more than a hundred services or as many as services you want.

Can I Update the Firmware of the YubiKey 5C NFC?

No. You cannot update the firmware of the YubiKey 5C NFC or any other YubiKey variant. According to Yubico, it does not permit its firmware access to prevent attacks on the YubiKey which might compromise its security. If available, the new firmware will be shipped with new devices, and it doesn’t affect the working on existing devices. Check out this link for more information.

How to Set or Reset Fido2 PIN of YubiKey 5C NFC?

You can set or reset the Fido2 PIN using the official YubiKey Manager app on your computer. First, download YubiKey Manager from the official website.

• Open the app -> Click on Applications
• Select Fido2 from the dropdown
• Click on Set Pin to set the PIN, or
• Click on Reset Fido to reset the PIN
• Select Yes from the popup
• Remove and reinsert the YubiKey to complete the password reset.

Can I use YubiKey 5C NFC with Devices with USB-A Ports?

Yes. You can use the YubiKey 5C NFC on devices with a USB-A port using a USB-C female to USB-A male adapter. Check out this link for more information on adapters.

Can I Duplicate or Back Up a YubiKey?

No. You cannot Duplicate or Back-Up a YubiKey.

What are the Password Managers Supported by YubiKey 5C NFC?

The YubiKey 5C NFC supports 1Password, Dashlane Premium, Keeper, and LastPass Premium.

How to Add a YubiKey to Facebook?

Adding the YubiKey to Facebook is almost similar to adding the Key to your Google Account (as explained here). To add the YubiKey key to Facebook:

• Open facebook.com/security/2fac/settings or
• Click on the Account (Down arrow on the top right)
• Settings & privacy -> Settings
• Go to Security & login
• Click on Two-factor authentication
• Scroll down and click on the Setup button in front of the Security key entry
• You may be asked to enter the password
• Click on Register Security Key
• Insert the Security Key and tap on the Button
• Enter the name for a security key
• Click on Save
• That’s it. The security key will be added to your account.

How to Factory Reset YubiKey 5C NFC?

The YubiKey 5C NFC has five separate applications, and these applications have different processes for being reset. Check out this official guide to resetting the YubiKey 5 series.

What is the Warranty Period of YubiKey 5C NFC?

YubiKey NFC comes with a one-year warranty from the date of purchase.

YubiKey 5C NFC Price, Where to Buy

YubiKey 5C NFC comes only in Black color and will be available to purchase via Amazon.in at ₹7,990. As stated above, the YubiKey 5 Series is available in multiple variants. Make sure you choose as per the device (Laptop or Phone) you use. Check out the variants below.

• YubiKey 5C – USB-C port, no NFC
• YubiKey 5 NFC – USB-A Port and NFC
• YubiKey 5C NFC – USB-C port and NFC
• YubiKey 5 Nano – USB-A Port, No NFC
• YubiKey 5C Nano – USB-C Port, No NFC
• YubiKey 5Ci – Type-C Port and Lightning Connector

YubiStyle Cover

YubiStyle Covers (stickers) help you differentiate between multiple YubiKeys of similar design. These are Water-resistant, Scuff-resistant, and made up of premium 3M vinyl. These are easy to install, don’t leave a sticky residue, and are also available in multiple patterns (more than 10). These stickers can be purchased through Yubco’s official website at $5 USD. Please make a note that the stickers are not included in the package and need to be purchased separately.

YubiKey 5C NFC Specifications

USB type	USB-C
NFC-enabled	Yes
Design & durability	Water-resistant Crush-resistant No batteries required No moving parts
Authentication methods	Passwordless Strong two factor Strong Multi-factor
Identity & access management	AWS IAM Centrify Duo security Google cloud identity Idaptive Microsoft active directory Microsoft Azure AD Okta Ping identity
Productivity & communication	Google account Microsoft account Salesforce.com
Supported password managers	1Password Dashlane Premium Keeper LastPass Premium
Function	WebAuthn FIDO2 CTAP1 FIDO2 CTAP2 Universal 2nd Factor (U2F) Smart card (PIV-compatible) Yubico OTP OATH – HOTP (Event) OATH – TOTP (Time) Open PGP Secure Static Password
Certifications	FIDO 2 FIDO Universal 2nd Factor
Cryptographic specifications	RSA 2048 RSA 4096 (PGP) ECC p256 ECC p384
Device type	FIDO HID device CCID smart card HID keyboard
Manufacturing	Made in USA / Sweden
Warranty	1-year