You can also login to Windows via smart card if you have the right back-end infrastructure. However, you can use the smart card functionality of all the current YubiKeys other than the U2F only key (that's the 4 series, NEO and the FIPS range) to secure all manner of services and applications including VPN applications. My applications for these devices are all about securing trusted credentials used once the system is up and running.
You can do so many different things with a YubiKey. There are relatively few private individuals who use smart cards with computers, though most bank cards are now smart cards.Īs you rightly note, Paul, the various card readers tend to disconnect from the system when no card is inserted, so it is often necessary to insert a card to update the drivers. The Yubikey also supports U2F (the security key standard used by Google and other companies on the web), is a secure store for OTP credentials that are used for two-factor authentication on many web sites (the sort that are issued as a QR code and result in a 6 or 8 digit number) and has a proprietary one time password system used by web sites such as LastPass for two factor authentication. I carry my personal certificate for S/MIME e-mail and my PGP credentials in a Yubikey NEO it is much more convenient for me to use a USB device rather than require smart card readers on all the systems I use. For example, you can use most built in smart card readers with a PGP card if you choose to carry PGP credentials in that format. There are other smart cards used in various systems. The latest CACs - perhaps all current CACs - conform to the Personal Identity Verification (PIV FIPS 201) standard.