Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission.Learn more.

Yubico Yubikey 5C NFC Review

Boost your online security with this simple device

In This Article

In This Article

Verdict

Verdict

Dedicated hardware built to generate secure two-factor authentication, the Yubico Yubikey 5C NFC works with the vast majority of computers and smartphones. It makes authentication easier than using an app, and the results are more secure, defending you against phishing. For anyone that’s serious about security, this is a great investment.

Pros

Cons

Availability

Key Features

Introduction

Two-factor authentication is an essential add-on for any online account, requiring a special one-time code that only you know in addition to a password. Generating these one-time codes can be a real pain, which is where the Yubico Yubikey 5C NFC comes in.

This tiny USB-C device can plug into a computer or useNFCwith a smartphone, acting as thetwo-factor authenticator. It’s more secure than using a code generator, works with practically every service and device, and is well priced.

Design and features

The Yubikey 5C NFC is a tiny USB device, a little bigger than a coin, that you can fit onto a keychain or keep in your wallet. It has a USB-C connector on one end, NFC built-in. The company also sells different versions of this device: with standard USB and NFC; with a Lightning connector andUSB-C; with USB-C only; and two Nano versions that you leave permanently connected.

Given the ubiquity of both NFC and USB-C, I feel that this version is the best overall, giving the widest compatibility with the least amount of hassle.

When the key is plugged in, it lights up green and you tap the metal disc in the middle with a finger to generate a one-time code; it does this when you tap it on compatible NFC devices, such as the majority of smartphones.

The idea with the Yubikey 5C NFC is that you register the key with the service that you want to use, such as your Google Account. Next time you log in, you’re prompted to enter your password and then to use your key, as described above, to verify that it’s you logging in.

So, why bother and what’s wrong with standard codes generated by apps such as the Google Authenticator or sent via SMS? Well, there are a couple of issues. First, these codes can be phished. That is, someone can trick you into revealing the code or even intercept it.

With the YubiKey 5C NFC, you have to be physically present, authenticating directly to log into a service. Plus, the U2F standard that a lot of websites use, and the key supports, is built so that a login attempt is bound to the origin. So, even if someone somehow tricked you into sending them the long code generated by the key, they still wouldn’t be able to use it.

Secondly, if your phone runs out of battery, you can’t generate codes. The Yubikey 5C NFC has no battery, so works anywhere and everywhere. Plus, it’s small and tough, so practically very hard to damage. I’ve been carrying YubiKey devices around for years and have never had one break.

Setting up the key depends on the service that you use, although the steps are generally similar. For example, with Google Accounts, you have to go into your security settings, enable two-factor authentication and then follow the simple registration process to link your key. If you’re struggling, then theYubiKey 5 setup guidehas steps for all of the common services.

As the Yubikey 5C NFC supports the FIDO2/WebAuthn, U2F, Smartcard, OpenPGP and OTP security standards, it works with a huge number of accounts and services, including Google, Microsoft, Coinbase, Facebook, LastPass, Nintendo and loads of others.

This version of the key will work with all mainstream browsers, and it can be used to log you into your macOS devices and, via a free download, your Windows 10 or Windows 11 computers.

Performance

I find using the Yubikey 5C NFC really easy. When I log into a compatible account, I just plug the key in, tap the button when prompted and that’s it. I’ve used it on Windows and macOS systems, using both Safari and Chrome, and the key is always recognised and works exactly as it should.

With mobile devices, the key can be a little fiddly to use, as trying to line it up with the NFC chip in a handset proves hard. To be fair, this isn’t the fault of the YubiKey 5C NFC, more that phone manufacturers make it hard to locate the chip. I typically end up sliding the USB key around the back of my iPhone a little.

Still, the key does work, and it means that I have more secure access to my accounts and I don’t need to mess around with an app.

Latest deals

Should you buy it?

If you want to boost your online security,this is a great way to do it.

If you’ve got relatively few accounts,then a standard authenticator app used carefully will meet your needs.

Final Thoughts

Cybercriminals have shown that they’re more and more intent in breaking into accounts, increasing the complexity of attacks, largely through phishing. While two-factor authentication boosts security, the Yubikey 5C NFC takes protection to the next level. Simple to use and compatible with the vast majority of phones and computers, this security key boosts security while making two-factor authentication easier to use. If you’re serious about security, this is a great investment.

You might like…

FAQs

Rather than plugging the security key in, you can use NFC to generate a code when the key is held to your phone.

Yes, you just register the key for each account you want to use.

Yes, it holds no information about your internet accounts, it’s merely a tool for authentication.

Full specs

Jargon buster

NFC

An abbreviation for ‘near field communication’. This technology allows devices to share information by coming into close proximity with one another – the most popular use of this system is in contactless payments.

USB-C

Starting life on the consumer PC press back in 1998, David has been at the forefront of technology for the past 20 years. He has edited Computer Shopper and Expert Reviews, and once wrote a book on ho…

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.