50% off 2x YubiKey 5 NFCs, 2x YubiKey 5C NFCs, 1x YubiKey 5 NFCs & 1x YubiKey 5C NFCs + $5 Delivery @ Yubico

1480

50% off 2x YubiKey 5 NFCs, 2x YubiKey 5C NFCs, 1x YubiKey 5 NFCs & 1x YubiKey 5C NFCs + $5 Delivery @ Yubico

Go to Deal

Ldannymacka on 27/08/2021 - 10:32 yubico.com (4729 clicks)
Last edited 27/08/2021 - 10:42 by 1 other user

BRAVE50

Best deal I've seen from the offical YubiKey store. Even thou the AUD dollar isn't the greatest at the moment this is a pretty good deal.
I saw this offer while using my Brave browser. But it looks like you can still purchase on Google Chrome browser.

coupon code wasn't implemented right so it works against one. add two, apply, remove one. Credit to maybe a bot.

Note:
• All prices are in USD. Shipping to Australia = $5 USD.
• International transaction fees may apply on your credit or debit card. (I use my ING debit card which waves the fees)
• Might need to use the Brave browser to purchase.

Choose from:
• Two YubiKey 5 NFCs (2pack)
• Two YubiKey 5C NFCs (2pack)
• One YubiKey 5 NFCs and One YubiKey 5C NFCs (2pack)

*Coupon Promotion Terms:
This coupon will expire on August 26, 2021 at 11:59pm PT and is valid only at Yubico.com/store. This redemption is valid for 50% off two keys, including YubiKey 5 NFC and YubiKey 5C NFC. Keys procured with this redemption are Not For Resale. A maximum of two keys may be present in the cart for this coupon to work. No other products from the Yubico store may be present in the cart. Redemption code cannot be combined with other offers or redemption codes. Standard shipping and handling rates may apply. International shipments may be subject to customs fees and duties. Yubico reserves the right to cancel and refund orders associated with this discount code. No cash or value for code or product. Redemption code required at time of checkout.

Electrical & Electronics 2FA NFC Security Key Two Factor Authentication USB-A Yubico

27 Aug 2021 4:59pm

Related Stores

Yubico

closed Comments

maybe a bot on 27/08/2021 - 10:38

+22

coupon code wasn't implemented right so it works against one. add two, apply, remove one.
SirDale on 27/08/2021 - 10:43

+18

You can get a (single) "free" yubikey if you subscribe to ArsTechnica for $50 - a very high quality tech news site (that I read daily).

20% off the 2nd key you buy.
- killingtime on 27/08/2021 - 12:20
  
  Which model
  - 8at8 on 27/08/2021 - 13:59
    
    New Ars Pro++ subscribers get their choice of the YubiKey 5 NFC (a $45 value) or the YubiKey 5C (a $50 value), both of which add convenient 2FA security to protect your online accounts, networks, and more. In addition, Ars Pro++ subscribers get a code good for $20 off when you order 2 YubiKey 5 Series keys or more. Doesn’t apply to Yubico’s Security Key Series. Free shipping to almost anywhere!**
Leho on 27/08/2021 - 10:45

+2

literally bought 3 like a week ago :(
- Misasagi on 27/08/2021 - 10:46
  
  +1
  
  same here, just bought 3 about week ago…
  - [Deactivated] on 27/08/2021 - 11:15
    
    +2
    
    what do you use these for?
    - whyisave on 27/08/2021 - 14:53
      
      you can use these wherever hardware-based authentication is necessary,
      eg. with Bullish.com
      
      it's a physical "key" (like a password)
    - mbm on 27/08/2021 - 16:42
      
      I store my GPG private key on it, but it can also be used a 2FA device to generate codes during sign in
      - Bedgrub on 27/08/2021 - 22:35
        
        @mbm: What are you using GPG for?
  - Associatedcydia9k @ Yubico on 27/08/2021 - 11:19
    
    +1
    
    Are we seriously aiming for triple redundancy MFA now? I'm just thinking about getting a second since that's actually recommended
    - airtime on 27/08/2021 - 12:20
      
      +1
      
      1 - primary
      2 - on-site backup
      3 - off-site backup
    - killingtime on 27/08/2021 - 12:20
      
      I'm cheap so my 3 lets my wife and I have 1 each and a shared backup.
Jonzay on 27/08/2021 - 10:53

+1

I think the discount was implemented right, the wording at checkout says "+ 50% OFF up to two keys. Max order size two." which implies an order of 1 is okay
- maybe a bot on 27/08/2021 - 11:04
  
  yeah their terms are weird. still, it seems like it was promoted to OP primarily in a bundle of 2.
  
  im ordering 2 anyway, im not taking the chance of losing my damn keys and my accounts at the same time
fookos on 27/08/2021 - 10:56

I really must read up more on these things. Are they a form of 2FA, in a physical form?
- Leho on 27/08/2021 - 10:58
  
  +1
  
  basically
- mimik13 on 27/08/2021 - 11:01
  
  +14
  
  Great video on how to use it
ShouldIBuyIt on 27/08/2021 - 11:01

Wondering if that could be useful to connect to work VPN in one touch instead of inputting credentials every single day ?
- askbargain on 27/08/2021 - 11:13
  
  -2
  
  No
  - slankets on 27/08/2021 - 11:43
    
    +1
    
    Actually it works for my work (Cisco VPN). Check with your IT team. You enter credentials then MFA with key tap.
    - ShouldIBuyIt on 27/08/2021 - 11:48
      
      Ah yeah, nah, we don't use MFA so I guess I'll still have to input credentials
    - askbargain on 27/08/2021 - 12:34
      
      +1
      
      instead of inputting credentials
      
      You enter credentials
      
      Actually
  - Bedgrub on 27/08/2021 - 22:36
    
    Yes, depends
  - gimli on 28/08/2021 - 11:37
    
    lol
- sanur on 27/08/2021 - 13:15
  
  +1
  
  Yes it's possible depending on your companies infrastructure. It's called passwordless authentication and is in their website documentation. Forward the link to your IT team to see if they can configure it for you.
- No Username on 27/08/2021 - 13:48
  
  +1
  
  Yes depending on your VPN config at work.
  
  Our setup allows staff members to authenticate via their Smart Card or via Yubi Key if they're accessing content on their phone.
  
  We can enable passwordless login but due to security reasons staff members will still have to click the link sent to their phones to authenticate the sign in process.
snep on 27/08/2021 - 11:01

+4

Just bought a single type a key, ended up being A$39.61 delivered through paypal. Not bad at all, thanks op
- [Deactivated] on 27/08/2021 - 11:12
  
  how sway?
  - dingdong3000 on 27/08/2021 - 11:15
    
    +1
    
    Probably got the USB-A single for 27.5USD delivered
    - snep on 27/08/2021 - 11:18
      
      Yep, added two yubikey 5 NFC to cart and removed one, code still applies as other commenters found
reactor-au on 27/08/2021 - 11:11

Doesn't work with windows Hello. Bit disappointed.
- slankets on 27/08/2021 - 11:43
  
  Is Hello the same as Outlook online? If yes, it works for me with Hotmail account.
  - reactor-au on 27/08/2021 - 12:03
    
    +1
    
    I guess not then, yubikey says on the product page that WIndows Hello isn't supported at this time.
- airtime on 27/08/2021 - 12:21
  
  Confirmed. Would love to use these in a corporate environment alongside Windows Hello authentication. Not possible at the moment.
  - gromit on 27/08/2021 - 13:59
    
    Various Yubi Keys do work with hello, you just have to make sure you get a compatible one. Yubi have a table of which ones work.
    - airtime on 27/08/2021 - 14:13
      
      I should have been more specific - I mean enterprise level, centrally managed Windows Hello with Azure AD joined and managed (eg. Autopilot) devices, Azure AD identities (AAD Connect synced to AD). No one I know has been able to get it working with any Yubikey (5 series or security key series).
      
      If you know anyone who has been successful please point me in their direction.
      - [Deactivated] on 27/08/2021 - 14:31
        
        @airtime: Which company?
        
        airtime on 27/08/2021 - 14:55
        
        @[Deactivated]: Not sure what you mean. If you mean which company employs me, I am not going to say here.
        
        [Deactivated] on 27/08/2021 - 15:03
        
        @airtime: Why not? You've got the… airtime 🤣
        
        airtime on 27/08/2021 - 15:06
        
        @[Deactivated]: Most corporate organisations have policies that guide employees in what they can and cannot do re: public comment. I can't say who employs me without risking disciplinary action. In any case, the rationale behind such policies are mostly sound and they exist for good reasons.
      - gromit on 27/08/2021 - 15:14
        
        @airtime: I did it previously with Autopilot/Intune managed however that was using now defunct Yubi Key app. There are 3rd party solutions now that specifically offer Yubi Key for Azure AD joined devices with WHFB
        
        airtime on 27/08/2021 - 15:20
        
        @gromit: Thanks gromit. Do you know the names/websites of the 3rd party apps? We have looked into solutions like those offered by SecureW2 and others - but they don't uses the TOTP functionality of the Yubikey, rather they just use the Yubikey to store a certificate - not much different to using a standard USB key.
        
        gromit on 27/08/2021 - 15:22
        
        @airtime: no all the ones I have looked at use certificate, though what is wrong with that? Certs on the key are just as good as a TOTP as long as you are managing the Certs correctly.
        
        PS: and no it is not the just the same as putting the cert on a USB as a USB doesn't prevent the private keys being exported or the key being copied.
        
        airtime on 27/08/2021 - 15:32
        
        @gromit: It's mainly an issue with value/cost. If you are just using the Yubikey as a certificate store / USB based certificate delivery, there are much cheaper ways of performing that.
        
        edit: re, your addition under ps - the key only has to hold the public key, not the private key.
        
        Thank you for your suggestions and input.
        
        gromit on 27/08/2021 - 15:46
        
        @airtime: you should NEVER be using a public key for authentication, if you are then yes it would be no better than a USB stick with the cert on it. the key has to hold BOTH, the public key being accessible the private key not. So while I haven't used the 3rd party solutions I would be shocked if they relied only on the public key being present.
        
        airtime on 27/08/2021 - 16:05
        
        @gromit: ?
        
        Public key is used to encrypt the combination of a nounce, timestamp, and perhaps other ID info. That cypher text is sent to secure central server that decrypts with private key. If it confirms the plaintext is valid, authentication is allowed for that factor. Obviously the process is a bit more complicated than that. But it is perfectly secure encrypting using only your public key. Having ONLY the public key available on the portable authentication factor is FAR more secure. I am a bit baffled why you think having both private and public key available is more secure to just having the public key available.
        
        Keep in mind these devices are SOMETHING YOU HAVE. The are an additional factor used alongside other factors. I've never seen one where you have to authenticate to the key first before use.
        
        Anyway, this is off topic for this thread.
        
        gromit on 27/08/2021 - 16:15
        
        +1
        
        @airtime: Interesting and very strange way to do it. It is supposed to be the reverse, you encrypt with the private key and use the public key to verify. If that is the way they do it then I agree it is awful and breaks every rule around certs and security. Private key should never leave the device and is the proof you are you. A public key can be put anywhere and is easily moved or exported. Private keys should not be accessible to your authenticating service and no having the public key only is not more secure, it is significantly weaker as it can be moved from the device, private key should exist is precisely one place and never leave that place and that is in the hands of the authenticating device.
        
        PS: and thankfully a quick read on SecureW2 it doesn't work the way you are suggesting, it does it properly with the private key.
  - Colombian on 27/08/2021 - 15:52
    
    But it can be used in a corporate environment without using Windows Hello can't it? We don't use Windows Hello where I work.
Javin on 27/08/2021 - 11:12

Just a newbie need to know which one to go for 5 NFC or 5C NFC ?, i have never used this
- Remorhaz on 27/08/2021 - 11:14
  
  +5
  
  5C NFC if you have USB-C ports on your computer (and/or phone)
  5 NFC is you have the older USB-A type ports on your computer
  - MagnamoniousRex on 27/08/2021 - 13:36
    
    Phones have NFC so USBA gives you more coverage.
    - [Deactivated] on 27/08/2021 - 13:51
      
      … and a ruling is due soon that might make Apple have USB-C for EU iPhones. I went for 5C as I have a C->A adaptor 🤷🏻‍♂️
      - MagnamoniousRex on 27/08/2021 - 14:54
        
        +1
        
        @[Deactivated]: lol if this happens then I will be buying my first iPhone.
      - Smigit on 27/08/2021 - 20:23
        
        +1
        
        @[Deactivated]: Apple will almost certainly remove the charging port entirely if they can't use lightening. They've been moving that direction for years anyway. The EU is also looking at the supported wireless standards but Apple supports Qi which is the most common, so chances are they can comply with any legislation by outright removing the port which many people think they are going to do soon enough anyway.
        
        There's very little Apple accessories or devices aimed at the iPhone that need the port. Even their latest battery pack uses wireless instead of the port. CarPlays the only really problematic area as uptake of wireless CarPlay has been a bit slow, but they can probably create a wireless adapter to convert cabled units to wireless anyway if needed (and some third parties already have options to do this).
- Mitch889 on 27/08/2021 - 11:14
  
  +2
  
  Depends what you want to plug it into. If you have Mac made in the last five years or a newer Windows machine with USB-C, you want to 5C.
- alo1234 on 27/08/2021 - 11:16
  
  +2
  
  5 NFC is for the normal USB type A port.
  
  5C NFC as the name suggest, for USB-C. This will fit all modern laptop and phone.
  - pumpkinspice on 27/08/2021 - 11:37
    
    *5Ci if you have modern laptop and iPhone
    - Shoocat on 27/08/2021 - 11:48
      
      +2
      
      Surely for iPhone and any phone with NFC you'd use that over it plugging in? Curious if there's a use case for plugging it into phones, as I'm thinking getting USB-A for backwards compatability.
      - dingdong3000 on 27/08/2021 - 11:55
        
        +3
        
        @Shoocat: USB-A for more compatibility + seems more durable imo. Even with future USB-C dongles will most likely have USB-A port
        
        Trojan on 27/08/2021 - 12:39
        
        @dingdong3000: This is why I hate Apple's decision to remove USB-A from their Macbooks.
      - pumpkinspice on 27/08/2021 - 13:10
        
        @Shoocat: Oh yeah, good point.
        I have no idea why Ci exists then.
Mitch889 on 27/08/2021 - 11:13

Awesome, wanted a Yubikey for a while, but needed two for the redundancy and it was feeling a bit expensive.
[Deactivated] on 27/08/2021 - 11:21

I saw this offer [for a 2FA device] while using my Brave browser

Tell us you're privacy/security-conscious without telling us you're privacy/security-conscious.
- brotherfranciz on 27/08/2021 - 14:05
  
  I thought the same thing but then I noticed the coupon code is 'BRAVE50'.
impoze on 27/08/2021 - 11:23

+3

does anyone use together with bitwarden?
- Namidairo on 27/08/2021 - 11:32
  
  +2
  
  You'll need to be on one of the paid plans or self-host vaultwarden for that.
  
  If you self-host, obviously make sure that you have the database backing up to somewhere remote on a regular basis.
- airtime on 27/08/2021 - 12:27
  
  +3
  
  Yes, I use these with Bitwarden.
  
  Please note - if you turn on 2FA with Bitwarden it applies to all devices you use Bitwarden on. In my case that means I need a 5 NFC, 5C NFC and 5Ci to cover all devices and allow off-site redundancy.
  
  MacBook Pro = 5C, 5C NFC or 5Ci
  Older Windows laptop = 5 NFC
  Newer Windows laptop = 5C, 5C NFC or 5Ci
  iPhone = and of the NFC versions or 5Ci
  iPad 8th Gen = 5Ci (non-pro iPads don't have NFC)
  
  So I must have a 5Ci and 5 NFC but also have an extra 5C NFC setup for off-site redundancy.
- GoodQuestion on 27/08/2021 - 16:38
  
  Yes, would highly recommend. Pay $10 for bitwarden premium, worth every penny IMO.
  PC - 5c
  Iphone and ipad - 5ci x 2
anglais on 27/08/2021 - 11:29

Nice. Literally was thinking about replacing my 2 old USBA keys for NFC.
andgucps on 27/08/2021 - 11:41

+1

Just note that the most important services (imo) like major banks, don't support this MFA. Quite disappointing. Use it for my emails mostly.
- Tacooo on 27/08/2021 - 14:12
  
  +5
  
  I've not once seen a bank that had anything other than dogshit security/authentication. The only upside is knowing your assets are backed by their insurance should anything happen.
  - [Deactivated] on 27/08/2021 - 14:35
    
    +4
    
    Too right.
    
    Westpac IB is the worst I’ve seen:
    • no 2FA
    • max 6 digit password
    - naru6705 on 27/08/2021 - 15:41
      
      +2
      
      Can’t agree more on this, Westpac IB security is worse. I couldn’t believe they force you have short password
      - ragrum on 27/08/2021 - 16:23
        
        +3
        
        @naru6705: Troy Hunt, who is a respected voice on cyber security, has done a blog post about arbitrary restrictions on passwords imposed by banks, and how that's bad, but not as bad as it seems.
        
        https://www.troyhunt.com/banks-arbitrary-password-restrictio…
        
        Summary
        
        So wrapping it all up in reverse order, arbitrary low limits on length and character composition are bad. They look bad, they lead to negative speculation about security posture and they break tools like password managers.
        
        But would I stop using a bank (as I've seen suggested in the past) solely due to their password policy? No, because authentication in this sector (and the other security controls that often accompany it) go far beyond just string-matching credentials.
        
        Let's keep pushing banks to do better, but not lose our minds about it in the process.
        
        Tacooo on 27/08/2021 - 19:22
        
        @ragrum: The only secondary authentication I've had with Westpac is SMS 2FA and only when transferring money. It's yet another feature that's lacking. I'm positive they also use other data like geolocation, ISP data, matched browser profiles and such but so does every other half baked service out there.
  - GoodQuestion on 27/08/2021 - 16:40
    
    This is why you should use a password manager, secured 2FA, and have unique passwords for every thing you have.
Yanoflies on 27/08/2021 - 11:53

I don't want to use up my Type-C port on my computers so it's better to get the Type-A right?
- Trantor on 27/08/2021 - 11:57
  
  It doesn't have to stay in, once you are in, take it out
  - Yanoflies on 27/08/2021 - 12:00
    
    Isn't it a hassle to plug and unplug every time you need to login to something?
    - kulprit on 27/08/2021 - 12:11
      
      If it's always plugged in and someone gets remote access, then it's not really working.
      - Yanoflies on 27/08/2021 - 12:13
        
        +2
        
        @kulprit: Aren't you supposed to touch it?
        
        fault on 27/08/2021 - 12:21
        
        +1
        
        @Yanoflies: Correct. Leaving it plugged it won’t hurt. Obviously bad idea to leave it unattended though.
        
        Yanoflies on 27/08/2021 - 12:34
        
        +1
        
        @fault: Turns out the Nano versions aren't included so I will try the portable one to use as a take-with-me key.
        
        jiancoek on 27/08/2021 - 14:10
        
        @Yanoflies: Same here, looking for Nano version, but not included in the promo
sareth on 27/08/2021 - 11:57

"This coupon will expire on August 26, 2021 at 11:59pm PT"
Isn't that 4:59 AM on August 27 in AEST? As in ~7 hours ago?
- Freezies on 27/08/2021 - 12:17
  
  +1
  
  No, PT is -7 GMT so in about 4 hours 45 mins from now. Currently PT time is 7:15pm on the 26th.
Shoocat on 27/08/2021 - 12:00

Question for those in the know - are there downsides/compatability issues related to the FIPS version? The extra price seems small for what appears (on the face of it) to be compliance with a higher security accrediation standard.
johnnybravo on 27/08/2021 - 12:01

We currently use Authy for the 2FA and use it on multiple devices. Just wondering what would be the major benefit of Yubikey over it (assuming that we get two of the keys).
- flipsticks on 27/08/2021 - 16:24
  
  +3
  
  Little bit simpler than entering a code, you just plug it in and press the button (Also don't have to worry about time expiry)
- fault on 28/08/2021 - 08:30
  
  +1
  
  I would also add "stronger" authentication. There are different forms of 2FA. Some are "stronger" than others. Authy primarily supports TOTP which is widely adopted. YubiKeys support this too in addition to others including a "stronger" one: WebAuthn. This is what people generally refer to as the "touch it when prompted" experience.
  
  WebAuthn is stronger because it's phishing resistant — it doesn't rely on a shared key/seed (it uses public key cryptography & you never disclose your private key which is securely stored on the security key), there are no 6 digit codes to send (and therefore be phished & be used in replay attacks), there is origin binding (in simple terms, that means a fake phishing site won't be effective), etc.
  - johnnybravo on 30/08/2021 - 10:00
    
    +1
    
    Thanks. I have been using TOTP with Authy and I thought it was fairly secure. Having said that, I am open to better options. Grabbed two of these keys to test it out. The major challenge I have is convincing my partner to get on board. It was hard enough to convince them on Bitwarden/Authy combo.
    - fault on 30/08/2021 - 13:11
      
      +1
      
      Yep I hear you on the partner front :)
      
      TBH not many apps/services support security keys yet but I still get value out of it for the ones that do e.g., Google, the major cloud providers, GitHub, 1Password, etc.
      
      Tip: If you're ok with Google SSO to apps/services that support it, then you'll also get the "strong" authentication benefit there too by extension.
      - johnnybravo on 30/08/2021 - 14:55
        
        @fault: Good point. I usually do not use Google SSO but I suppose this would be a very strong reason to do so. Thanks for the info. Appreciate it.
airtime on 27/08/2021 - 12:08

+6

Be patient with the delivery. Last Yubikeys that I ordered directly from Yubico took 2 months to arrive in Sydney.
priceaintright on 27/08/2021 - 12:32

I've got some Solokeys that are still taking their time to arrive, as a first foray into utilising physical keys. As I haven't been able to play around with them yet, is it possible for the 2 different types of keys to co-exist interchangeably?
- auscompgeek on 27/08/2021 - 16:51
  
  Most websites will allow you to register multiple security keys.
SickDmith on 27/08/2021 - 12:49

I am getting "This coupon isn't valid."

Edit: seems to work in incognito window
RichardL on 27/08/2021 - 13:26

Thanks, picked up 2x 5C NFC.
[Deactivated] on 27/08/2021 - 13:40

Can I plug the usb C into the Mx Keys wireless KB and have it work?

This was posted 2 years 8 months ago, and might be an out-dated deal.

50% off 2x YubiKey 5 NFCs, 2x YubiKey 5C NFCs, 1x YubiKey 5 NFCs & 1x YubiKey 5C NFCs + $5 Delivery @ Yubico

Related Stores

closed Comments

Summary

Related Products

Top Deals

New Deals