Amazon Cognito vs. Yubico YubiKeys

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Amazon Cognito
Score 6.0 out of 10
N/A
Amazon Cognito is a mobile identity product that allows users to add user sign-up and sign-in to mobile and web apps, and authenticate users through social identity providers.
$0.01
Per MAU
Yubico YubiKeys
Score 9.4 out of 10
N/A
Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.N/A
Pricing
Amazon CognitoYubico YubiKeys
Editions & Modules
Starting Price
$0.01
Per MAU
No answers on this topic
Offerings
Pricing Offerings
Amazon CognitoYubico YubiKeys
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
Amazon CognitoYubico YubiKeys
Considered Both Products
Amazon Cognito
Chose Amazon Cognito
- Cost-Effective and cheaper than Okta for up to 100K users.
- Easy to set up and configure.
- Integration with other AWS services like Lambda, Pinpoint.
Chose Amazon Cognito
The service with Amazon is much better than Google's. When I can get Secure Passwords. OAuth, SAML, and More. It makes it great for a simple Integration. The startup was quick once we got a support case and a tech online. There has been limited Configurability. This was a …
Chose Amazon Cognito
AWS Cognito stacks up against others because it allows you to create unique identities for your users (Internal/vendors/customers) using a number of common public identity providers e.g. (Amazon, Facebook, and Google) and also support unauthenticated/anonymous guests. You can …
Chose Amazon Cognito
They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to …
Chose Amazon Cognito
Amazon Cognito is easier to set up, but Auth0 offers some nice things such as more logon screen custimizability. Auth0 seems to be aimed at developers but it still is quite easy to use and set up.
Chose Amazon Cognito
I've used bespoke solutions for password, email, and OAuth flows, I've used AuthZero, and I've used Okta. In all cases, Cognito wins:

Chose Amazon Cognito
We use our own build user manager at the moment which works okay in our current on-prem situation, but not great. Choosing for the cloud and AWS, in particular, allows us to use AWS Cognito for resiliency, ease of use, great features and scalability. Not all of which were as …
Chose Amazon Cognito
It is easier to build multi-factor single sign-on with Okta. Okta has better documentation and provides a better developer experience. It lacks Cognito's seamless integration with other AWS products, however, integration with other Amazon products (like Lambda for customizing …
Chose Amazon Cognito
When compared to Okta, I would say Cognito is still not up to pace with Okta. However, I guess they are constantly updating their features and will soon come with the new features. I would say Cogntio provides a better interface than Azure.
Yubico YubiKeys
Chose Yubico YubiKeys
We have not done any evaluations with other providers based on how Yubico supports the product.
Chose Yubico YubiKeys
We used to use something from Okta that has I think a passwordless authentication or readily get a notification that's an alternative, but it's software, not hardware. That's the other thing I would say. We have tried nothing else on the hardware side. Its hardware token, ease …
Chose Yubico YubiKeys
I don't think I've used anything else.
Chose Yubico YubiKeys
Yubico YubiKeys has been a leader in the security key market, and I think they have a new product we just read about two days back and they can store up to a hundred private keys now. So I think this is what it distinguishes them from the market, apart from this, whatever …
Chose Yubico YubiKeys
We actually were approach it to try it on and then we fell in love
Chose Yubico YubiKeys
If you compare it to authenticator apps, I'd say it's much more easy to set this up for the individual user. Well, it's Swedish. It's also very well documented. There are a lot of guides on how to use them and I have a lot of faith in the security posture of Yubico and how the …
Chose Yubico YubiKeys
I've never really used any other physical keys, I mean I've used multifactor authentication from Google Authenticator or Duo, but never another physical key, so this is my first experience with that.
Chose Yubico YubiKeys
I have used the tokens that display a little six-digit code that rotates, but I feel that's just like my phone does that, so why would I have a separate device for that? This at least provides a physical thing I have to either insert or tap to use. I think they're not …
Chose Yubico YubiKeys
I have tested the Google Titan Keys. I found Yubico YubiKeys to be a bit more durable and last longer. I've already had a few Google Titan Keys that have just gone out. They just stopped working. So the Yubico YubiKeys are a bit more lightweight and easier to fit on a key ring. …
Chose Yubico YubiKeys
I prefer Yubico YubiKeys because sometimes logging in with pass keys on an iPhone you have to do kind of two handshakes. One is the QR code and then doing a face ID. So that's an extra step versus the Yubico YubiKeys, which I can just put in and scan with my finger.
Chose Yubico YubiKeys
It's annoying to type in a OTP from an RSA token. Being able to simply touch the YubiKey is better.
Chose Yubico YubiKeys
Yubico YubiKeys seem more convenient. cryptocard might be slightly more secure because a pin or challenge is needed on each access.
Chose Yubico YubiKeys
Yucky 2 factor authorization was easier to use
Chose Yubico YubiKeys
We have thought about just trying another competitor for due diligence but have not explored that option yet. We went with Yubico YubiKey due to hearing about it at a conference and decided to start experimenting with the solution. We are pretty decided on what we are going …
Chose Yubico YubiKeys
Don't need to use personal devices
Chose Yubico YubiKeys
They offer ways to store passwords or MFA support, but most need a root password. In addition, LastPass and 1Password do not have much support for MFA. This results in a lack of MFA support. For Okta, although it offers MFA and SSO, the OTP can be very annoying to have as I do …
Chose Yubico YubiKeys
Yubico YubiKeys is slightly different than Duo but I do like that it's quick and easy. Our users like that they don't have to use personal phones.
Chose Yubico YubiKeys
Better solution and easy of use
Chose Yubico YubiKeys
Different products. Hard to compare. I use both.
Chose Yubico YubiKeys
When using HOTP Duo MFA fobs, the YubiKeys are much better because they are lighter weight, more durable, and easy to take everywhere.
Chose Yubico YubiKeys
Yubico YubiKeys make login seamless for our users compared to having to sync auth tokens between phones.
Chose Yubico YubiKeys
We used authenticator apps which aren't as quick.
Best Alternatives
Amazon CognitoYubico YubiKeys
Small Businesses
Dashlane Password Manager
Dashlane Password Manager
Score 8.9 out of 10
WatchGuard AuthPoint
WatchGuard AuthPoint
Score 9.1 out of 10
Medium-sized Companies
OneLogin by One Identity
OneLogin by One Identity
Score 9.6 out of 10
Cisco Duo
Cisco Duo
Score 9.5 out of 10
Enterprises
OneLogin by One Identity
OneLogin by One Identity
Score 9.6 out of 10
Cisco Duo
Cisco Duo
Score 9.5 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Amazon CognitoYubico YubiKeys
Likelihood to Recommend
8.0
(0 ratings)
9.4
(0 ratings)
Likelihood to Renew
-
(0 ratings)
9.0
(0 ratings)
Usability
8.0
(0 ratings)
9.2
(0 ratings)
Availability
-
(0 ratings)
9.9
(0 ratings)
Performance
-
(0 ratings)
9.9
(0 ratings)
Support Rating
7.0
(0 ratings)
-
(0 ratings)
Implementation Rating
-
(0 ratings)
8.8
(0 ratings)
Configurability
-
(0 ratings)
10.0
(0 ratings)
Ease of integration
-
(0 ratings)
10.0
(0 ratings)
Product Scalability
-
(0 ratings)
9.0
(0 ratings)
User Testimonials
Amazon CognitoYubico YubiKeys
Likelihood to Recommend
Well Suited
  1. B2C mobile and web apps with a high number of users.
  2. Cheaper and cost-effective.
  3. If the other pieces of the infra are already using AWS services like Lambda, S3, Pinpoint, etc.
Not Suited For:
  1. Advanced use-cases (Biometrics based authentication) Email, and other MFA channels.
  2. For any use-cases needing SCIM.
  3. Customized flows of SSO, and MFA will need a layer on Lambda and other AWS services.
Read full review
When I used it as an engineer for a software company a few years ago, I would be able to continue doing work on the train ride into and out of the office. So that was an extra hour, two hours a day that I was able to access our systems and still be able to continue to work. So that was a lot of fun. Well, I don't know if stay fun, but it was nice to be able to have the access, not have to be connected directly to the corporate network.
Read full review
Pros
  • Strong integration with React.js and client-side applications
  • Easy to bridge Cognito identities with the rest of the AWS ecosystem
  • Easy to store user profile data directly in Cognito rather than having to build additional services/endpoints
  • Easy integration with AWS Lambda to extend and add sophistication to the service
Read full review
  • I think the best thing is it has a lot of capacity and it's very, very secure. It can store a lot of private keys versus all the other products. We have reviewed a few other products, but Yubico YubiKeys gives a lot more capabilities than some of the other security key brands.
Read full review
Cons
  • SCIM implementation is not present.
  • B2B SaaS use-cases are very hard to configure. More suitable or B2C use-cases.
  • Needs more recipes, plugins, SDK's.
  • 2FA with Email as an OTP channel is not supported.
  • 2 FA using biometrics is not available; can be customised using lambda.
Read full review
  • It can be about access control because either right now it's just you have access or you don't have access. I think there can be a use case where you are allowed a particular set of servers and not a particular set of servers. I think maybe it's there or we don't use it, but I haven't seen that. I think I've used Yubico YubiKeys at two companies and I haven't seen that. Maybe that's something that can be added.
Read full review
Likelihood to Renew
No answers on this topic
As for implementing YubiKey its simple so I don't see us using anything else as we have experienced no issues so fare. Adding these to our environment is still new for us currently but in the transition phase I only see us buying YubiKey. It is highly rated and well known and cost is reasonable so no need to find another solution.
Read full review
Usability
All the features AWS Cognito offers gives the user the options they need without making it too complicated. Your customers will be happy. On the administration site usability is also great. After a small learning curve, you can setup Cognito for your usage
Read full review
I give slightly better than average rating because of the complexity in using a Yubikey. It is not as easy as native push notifications for 2FA products, however, it provides much better strength. Rating this higher or lower would be a disservice to people reading this review. If you are in the market for a hardware 2FA tool, Yubikey will be a great asset in your toolbox.
Read full review
Reliability and Availability
No answers on this topic
We have not experienced any issues with availability which is very important when you are dealing with a company that holds the keys to the gate. We have had more issues with availability from our SaaS providers before with authentication but that was on their end. YubiKey has worked every time for us over the course of the last 6 or so months we began testing phase.
Read full review
Performance
No answers on this topic
We have not seen any lag in loading pages and getting into systems or sites. In comparison to other 2FA and MFA options it is actually faster most of the time to authenticate due to not having to type in. We require users to have long passwords and when there is an option given for password less they jump on it with excitement. As we explore going password less on their PC's the YubiKey is going to make their lives a lot easier to access the resources they need.
Read full review
Support Rating
AWS Support overall is poor. Your main resources are trainings and the docs, and the docs can be very confusing. Using Cognito well involves having a developer learn it deeply and help support your team in understanding it. That said, Cognito's competitors also have dismal support and even worse documentation, so while this isn't a strength for Cognito it may still be the frontrunner here.
Read full review
We have only interacted with support once but it was quick and easily answered. Mostly just questions regarding adding this to certain apps.
Read full review
Implementation Rating
No answers on this topic
I figured it all out on my own with the excellent product documentation provided by Yubico. I even managed to produce a backup YubiKey in case I lost my frequently used one. This was crucial when I temporarily lost the original.
Read full review
Alternatives Considered
They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to complete your goal.
Read full review
We used to use something from Okta that has I think a passwordless authentication or readily get a notification that's an alternative, but it's software, not hardware. That's the other thing I would say. We have tried nothing else on the hardware side. Its hardware token, ease of use, easy integration, more reliance on an external device like a phone or something. If your phone gets lost, then you are worried about your multifactor, no problems with this device.
Read full review
Scalability
No answers on this topic
For us I feel like the ease of deployment has made this product very appealing, overall this will make the scalability very easy for us to push out once we roll out to our users and the management tools that we have looked at will make the admins like me happy as it is clear and easy to use. The rollout process looks to be very straight forward from the demos that we have looked at regarding the enterprise tools.
Read full review
Return on Investment
  • Amazon Cognito has had a positive impact on our business by allowing us to develop services that require user sign-up and sign-in more rapidly. Not only do we not need to build or maintain these features, but Cognito's implementation is also better than what we would be justified in building ourselves.
  • Amazon Cognito makes user management easy. This reduces the time we have to spend supporting users. Non-technical product managers can even use the AWS Console to manage users without requiring support from developers.
  • Amazon Cognito is likely more secure than what would be built in-house; a portion of our attack surface is now managed by Amazon.
Read full review
  • I think it's the flexibility in being able to let users pick the type of authentications that they want to use. Some are comfortable with the touch device on the physical Yubico YubiKeys. Others prefer the mobile app. So it provides flexibility for our users to choose how they want to authenticate without running a file of our security requirements.
Read full review
ScreenShots