Yubico Authenticator when combined with the YubiKey 5 Series adds a layer of security for your online accounts. It works by generating 2-step verification codes on either your mobile or desktop device through the OATH-TOTP security protocol. It's important to note that Yubico Authenticator requires a YubiKey 5 Series to generate these OTP codes. The Security Key Series does not support authenticator codes.
The Yubico Authenticator app works across Windows, macOS, Linux, iOS and Android.
You can download Yubico Authenticator here.
There are many differences between Yubico Authenticator and other authenticators. In most authenticator applications, the secrets are stored on your phone or computer, which can be compromised or stolen. Yubico Authenticator stores the credentials in the secure element of the YubiKey, and secrets cannot be extracted from the YubiKey.
That means that regardless of if you lose or change your phone, or have lost access to Yubico Authenticator, you will not be locked out of your accounts. This is because all the secrets (OTPs that are used to authenticate into your account) are stored on your YubiKey and not the application. All you need to do is download the app on a desktop or mobile device, plug in your key (or scan over NFC, if the YubiKey model and device support it), and you will have access to all the authenticator credentials stored on the YubiKey.
To learn more about how to use Yubico Authenticator with the services you want to secure, refer to this article for more information.
You can also watch this short video which shows you generally how Yubico Authenticator works across your different devices.
If you are planning on registering a spare key with your accounts, it's important to save the QR code generated when initially setting up the service. You can read more about this in the OATH-TOTP protocol section of the spare key registration guide here.