I have started using YubiKey 5 after receiving a media kit in 2018, and while I have not experienced any security breach on my online accounts, the hardware token has kept me safe from potential cyber attacks. Given the increasing adoption of multi-factor authentication (MFA) by social platforms, products like YubiKey have become even more essential, just like how you would want a hardware crypto wallet to store your blockchain NFT products.

Yubico refreshed their YubiKey 5 series with a new firmware 5.7 in May 2024. This firmware is only available in new keys and cannot be updated on old keys. Here is the list of changes:
- Client-to-Authenticator Protocol (CTAP) 2.1 supported, like Force PIN Change, Minimum PIN Length.
- Expanded passkey and passwordless storage capabilities. The number of passkeys that can be registered is increased from 25 to 100, and the storage capacity for OATH and PIV certificate seeds is increased.
- Expansion and enhancement of public key algorithms to support larger RSA key lengths – RSA-3072 and RSA-4096, Ed25519, and X25519 key types enhances key management functions and flexibility for organizations, aligning with DoD memo requirements on stronger public key algorithms.
- Enterprise Attestation (EA) empowers identity providers to facilitate the retrieval of serial numbers from the YubiKey during FIDO2 registration with custom programmed keys.
- PIN Complexity enhanced including FIDO2, PIV, and OpenPGP.
- Migration to Yubico’s own cryptographic library that performs the underlying cryptographic operations (decryption, signing, etc.) for RSA and ECC.
- Restricted NFC usage during transit: NFC capable YubiKeys (YubiKey 5 NFC, YubiKey 5C NFC) and Security Keys (Security Key NFC, Security Key C NFC) have restricted NFC usage to prevent manipulation during transit.
While YubiKeys offer enterprise-grade authentication, normal consumers can benefit greatly. How does a hardware authentication key improve security compared to existing 2FA using soft token or SMS or email? I would say that a hardware key is an “offline token” that hackers cannot access remotely.
Currently, when signing up online services, the more common forms of multi-factor authentications include SMS, email, authentication apps like Google Authenticator, WhatsApp. What these have in common is that they are all stored within the smartphone, making it the single point of failure. Simply put, once the smartphone security is breached, the scammer will get absolute control and can take over access to your SMS, email, and even your authentication app. There has been increasing incidents of shopping scams in Singapore that make the user sideload malicious apps that are disguised as part of an online order process. Once these malware are installed in your smartphone, it will take over the control of the smartphone and perform all kinds of transactions without you knowing.
This is why hardware security keys offer greater benefit, because hackers can never get hold of your hardware device remotely to proceed with the authentication. Of course, hackers could still access your account if they physically steal the hardware token from you, but that would mean you are someone important or holds some really important information. For the rest of us, it probably isn’t going to happen like the spy movies.

You might think that such breaches may not happen to you, but there are a lot of hacking attempts out there that are simply trying their luck to break in. Having 2FA or MFA will reduce the possibility of them succeeding, but adding a hardware security key will further improve the chances of regaining control over your online account. Hackers might be able to replace your mobile number or email address, but they cannot remove the security key unless they can plug in the physical token for authentication. I highly recommend securing your most important online accounts like Google or Microsoft with a hardware security key like YubiKey.
Product Features in Summary:
- TAP-AND-GO – Just tap the YubiKey 5C NFC to NFC-enabled Android, Windows 10 and iOS devices and applications | YubiKey 5C NFC also slips into any standard USB-C port
- DURABLE – Fiberglass reinforced bodies and military-grade hardened gold protect YubiKey from everyday life | YubiKey 5 NFC features water and crush resistance
- PORTABLE – Fit YubiKey on a keyring and carry it without any worry
- WORKS – YubiKey 5 Series Works with the most web services
Read my review of using Yubikeys 5 here.
YubiKeys are available in USB-A, USB-C, Lightning and NFC. Visit this page to compare the different YubiKey products.
Giveaway
Thanks for reading this article, and for that, I will give away the older version of the YubiKeys 5 which I have kept since 2018. For beginners usage, you don’t really need the latest firmware. Well, if you really want the latest firmware version, you can buy them at Vaultum City, and the resellers for businesses are Asiapac Technology and ST Engineering Info-Security.
To receive a free YubiKeys 5, subscribe to this website and leave a comment with your email details. Giveaway is only available to Singapore residents. Giveaway ends after all keys are given out.