Yubikey 5C
: Resources & Documentation


The Yubikey 5C
The YubiKey 5C offers top-of-the-line multi-protocol protection in a compact design specifically tailored for the USB-C ports on your laptops, servers, and tablets. Designed to radically eliminate the risks of hacking and phishing through identity theft, it brings together all current security standards to protect your business connections, administrator access, and personal accounts with a single action.
Technical Specifications for the Yubikey 5C
Interfaces & Connectivity
The YubiKey 5C uses a native USB-C interface (USB 2.0-compatible). All of the key's applications and security protocols are accessible through this single interface.
OTP (One-Time Password) Module
The OTP applet includes two programmable, independent slots. Each slot can be configured independently to store and generate one of the following types of identifiers:
Yubico OTP
HMAC-SHA1 Challenge-Response
Static Password
OATH-HOTP (Counter-based)
OATH Module (Application-Based Two-Factor Authentication)
The YubiKey 5C can store up to 32 OATH credentials (supporting both time-based OATH-TOTP and counter-based OATH-HOTP protocols). These codes are generated and accessed through the Yubico Authenticator app.
OpenPGP Module
This submodule implements the OpenPGP specifications for smart cards and integrates natively with GnuPG for encryption, digital signing, and SSH key authentication.
Protocol Updates: Version 2.0 of the OpenPGP specifications is enabled by default. Starting with firmware version 5.2.3 (and later), the key implements version 3.4 of these specifications.
Software requirement: To use key sizes greater than 2048 bits, GnuPG version 2.0 (or later) is required on the host operating system.
Supported basic algorithms: RSA 1024, RSA 2048, RSA 3072, RSA 4096.
Additional Algorithms (Firmware 5.2.3 and later):
Elliptic curves: secp256r1, secp256k1, secp384r1, secp521r1
Brainpool: brainpoolP256r1, brainpoolP384r1, brainpoolP512r1
Edwards/Montgomery: curve25519, x25519 (decryption only), ed25519 (signature and authentication only)
Physical specifications
Form factor: Compact flash drive with an ergonomic intermediate design.
Connector: USB-C.
Dimensions: 12.2 mm x 29.1 mm x 4.8 mm.
Weight: 2 g.
Environmental resistance: Sealed thermoplastic housing, fully waterproof and crush-resistant. Operates without any batteries or moving mechanical parts.
Safe temperature ranges:
Operating temperature range: 0 °C to 40 °C
Storage temperature range: -20 °C to 85 °C
FIDO2 / WebAuthn Protocol
Supports secure single-factor, multi-factor (2FA), or completelypasswordless authentication.
Storage capacity: This module can store up to 100 resident keys (Passkeys / discoverable identifiers).
Enhanced security: Your login credentials are protected locally by a PIN that you set yourself.
Authentication mechanism: Once the key is unlocked with your PIN, simply touching its gold-colored touch sensor confirms your physical presence and logs you in instantly, without having to enter a username or password. The FIDO2 app is certified by the FIDO Alliance.
FIDO U2F Protocol
The U2F (Universal 2nd Factor) app is certified by the FIDO Alliance. It allows users to generate and store an unlimited number of credentials to serve as a second factor of authentication (2FA) that is impervious to remote attacks.
PIV Module (Smart Card)
This module provides a smart card interface that complies with PIV (Personal Identity Verification) standards. In the Microsoft Windows environment, the device's integration and performance are optimized through the use of the official YubiKey Smart Card minidriver.
Default values and secrets:
PIN:
123456PUK code:
12345678Management Key:
010203040506070801020304050607080102030405060708
Supported algorithms: RSA 1024, RSA 2048, ECC P256, ECC P384.
Slot Architecture and Mapping:
Slot 9a: AuthenticationSlot 9b: Management KeySlot 9c: Digital SignatureSlot 9d: Key ManagementSlot 9e: Card AuthenticationSlot f9: CertificateSlots 82-95: Retired Key Management