For security, the firmware on the YubiKey does not provide functionality for secrets to be read from the device after they have been written to the device. Therefore you cannot duplicate or back up a YubiKey or Security Key under normal circumstances. For this reason, we recommend having a backup device and registering both with your accounts so that if one is lost or broken you can use the other to log in.
The only exceptions to this are the few features on the YubiKey where if you backup the secret (or QR code) at the time of programming, you can later program the same secret onto a second YubiKey and it will work identically as the first. These features are listed below.
-
Static Password
-
HMAC-SHA1 Challenge-Response
-
OATH-TOTP (Yubico Authenticator)
For instructions on setting up a spare YubiKey, please see our article here.