Description
Is there a reason why Yubico Security Key was not initially included? (After doing some work for another group, I back-tracked to this guide to double check some minutia.)
If a user is only using passkeys to log into accounts, then the less expensive Yubico Security Key (which is $25 for the USB-A version or $29 for the USB-C version) will work perfectly fine for passkeys/FIDO2 and U2F. (On the other hand, the YubiKey costs at least $50 to $75 each, depending on the exact model.)
The main features that the more expensive YubiKey devices offer is being able to use the following:
- the Yubico Authenticator application,
- CCID Smart Card feature (PIV-compatibile) features,
- OpenPGP features, and
- local database unlocking in KeePassXC.
(I also double checked the hardware security key page from Privacy Guides.)
If a user needs one of the features listed above, then purchasing YubiKey over Yubico Security Key is completely justified - I won't judge that. I'd rather be in the case where I recommend majority of users to buy the cheaper Yubico Security Key and then a small minority of them find out later that they actually need the YubiKey; rather than recommending everyone get the more expensive YubiKey and then majority find out later they overspent on what they got vs. what they actually need.
Last random fact: if you have any future plans to collect privacy &/or security friendly discounts for students (like in your recommended tools guide), then also put down that Yubico has an education discount with an active .edu e-mail address. IIRC, it's 20% off any security key (both Yubico Security Key and YubiKey) when you buy 2 devices (and only on the devices - the discount doesn't apply to any accessories, such as stickers). You also need to buy at least 2 devices to get free shipping (I think, but double check this).