The First Thing You Should Do When You Receive a YubiKey
The first thing you should do when you receive a YubiKey is verify that it is authentic at yubico.com/genuine. After that: set up the PIN, register the key on your most important accounts, and prepare a backup plan in case you lose it. This guide explains each step in order.
Step 1 — Verify that your YubiKey is authentic
Yubico includes a free validation system to confirm that the key in your hands is genuine and has not been tampered with. The process takes less than a minute.
It works on mobile, tablet, and computer. You don't need to install anything.
If your model is NFC, you can tap it against your phone instead of inserting it. If it's USB, connect it to your computer and touch the gold contact when it blinks.
If "YubiKey is genuine" appears, the key is authentic and ready to use. If any other message appears, contact Yubico before setting anything up.
ℹ️ Why is this step important?
A counterfeit or modified YubiKey may appear to work normally but could compromise the security of your accounts. Verifying before registering is a best practice recommended by the manufacturer itself.
Step 2 — Set up the FIDO2 PIN
The FIDO2 PIN is a code that the YubiKey may ask for before authenticating you. Some services require it — if you don't have it set up, the key won't work on those services. Set it up before registering the key anywhere.
Download Yubico Authenticator, available at yubico.com/products/yubico-authenticator. It is compatible with Windows, macOS, and Linux.
The application automatically detects the key and displays the model and serial number.
Choose a PIN of at least 4 characters. It can include letters and numbers. Write it down in a secure place — there is no way to recover it if you forget it.
⚠️ Attempt limit
If you enter the PIN incorrectly 8 times in a row, the YubiKey's FIDO2 application locks permanently. There is no recovery possible — the key would become unusable for FIDO2. Save your PIN from the start.
Step 3 — Choose the first service to protect
You don't need to register your YubiKey everywhere at once. Start with the most critical service — usually email, because from there you can reset all other passwords.
Gmail, ProtonMail, Outlook. If someone accesses your email, they can reset any other account.
Bitwarden, 1Password. Protects access to all your passwords at once.
Revolut, PayPal, Wise, crypto exchanges.
Step 4 — Prepare a backup plan before you need it
If you lose your YubiKey without having a recovery plan, you could lose access to your accounts. There are two levels of protection:
Most services generate one-time codes when you enable 2FA. Download them and store them in a secure place: inside your password manager or printed on paper in a physical location. Never store them unencrypted on your phone.
Register a second key on the same services as the primary one. If you lose one, the other continues to work without needing recovery mode.
⚠️ Without a backup plan, losing the key = losing access
A YubiKey without saved recovery codes or a second registered key is a real risk. The account recovery process can take days or weeks depending on the service.
Step 5 — Decide how to carry it from now on
The YubiKey is small by design. Without protection, it ends up scratched at the bottom of your backpack or mixed in with your car keys. There are two ways to carry it depending on your habits:
Card format tray
Same size as a credit card. Fits in any wallet without adding volume. NFC works without removing the key. Made in Spain.
Keychain case with lanyard
Protects the key from the bumps and scratches of daily use. Attached to your keychain, it is always at hand. Made in Spain.
Frequently asked questions
What happens if I don't set up the FIDO2 PIN?
Many services work without a PIN. But some — especially corporate environments and certain password managers — require it. If you don't have it configured when you need it, you'll have to set it up at that moment. It's better to set it up from the beginning.
Can I register the YubiKey on multiple services at once?
Yes. A single YubiKey can be registered on dozens of services at the same time. There is no practical limit on the services side — the limit depends on the number of FIDO2 credentials stored on the key itself, which varies depending on the model.
Does the YubiKey work on mobile?
Yes, if your model is NFC (YubiKey 5 NFC or 5C NFC). Just tap it against the back of your phone when the service asks for it. You don't need to insert it or install any app.
What's the difference between the primary YubiKey and the backup?
Nothing technical — they're the same. The difference is in usage: one you carry with you every day, the other you keep at home or in a safe place. Both should be registered on the same services for the backup to actually work.