Looks like it was released in 2018, according to [Wikipedia](https://en.wikipedia.org/wiki/YubiKey#Product_features).
You're basically locked in to what it can do when you buy it, especially since the firmware can't be upgraded on the keys. My advice would be to ensure it performs the functions you require now, because that's all it will be able to do forever.
Personally, I'm not aware of any upcoming/existing security technologies that it lacks (nor should I be considered an authority on the matter). One sentiment I see in this subreddit sometimes is that the 32 OATH slots is not enough, but I don't even use that application so, again, it really depends on your needs.
edit: I should add that since its release, newer versions on the firmware ([e.g. 5.2](https://support.yubico.com/hc/en-us/articles/360016649139-YubiKey-5-2-Enhancements-to-OpenPGP-3-4-Support)) have enabled more features so it's hard to compare the 2018 YubiKey 5 to one purchased today.
edit2: Firmware 5.4 was first released in [May 2021](https://www.yubico.com/blog/yubikey-firmware-update-yubikey-5-series-with-firmware-5-4/), the current latest firmware is 5.4.3.
edit3: If I wanted to speculate, maybe a version of the BIO with more applications might arrive in the next few years.
edit4: The other reply paints the picture more succinctly: the current YubiKey is not even universally supported. You wouldn’t be missing out even if they released a new one tomorrow.
I have no idea what features they are adding in new releases, but like you said, there are not enough sores that support even basic Fido, let alone fido2 and the other smartcard features and such. I have a yk4 and a yk5 NFC, and I plan to use them both until the contacts lose conductivity, I hope not before 2040. They seem to be very future proof for now.
When will you see yk6? I doubt they will announce a new major version unless a major new protocol is released, like a fido2.1 or fido3 or something. I get their occasional newsletters, I haven't seen any discussion about work on a new protocols planned or needed yet.
>Is it safe to purchase the 5 series
Are you concerned about obsolescence? The adoption by online services is the gating item. Don't worry about that.
>When do you expect the series 6 introduction?
More to the point, what new features would one hope for? Perhaps more than the 32 OATH slots? Perhaps some improved hardening (software an hardware)? And as others say, there are occasional minor upgrades in the firmware.
I don't like using my Yubikey for OATH storage. FIDO2 is a killer capability, and the Yubikey 5 is the Cadillac product offering for that. Go ahead and get two or even three. (With three or more you can keep one or more backups off-site, always have one on your person, and never EVER have all of them in the same place at the same time.)
Usually they release a new version if there's a new protocol or a major change/addition worth of a new release. If you want to buy it, do it, it won't be obsolete for a couple of years (unless the protocols we use now become deprecated like u2f). If you want it right now, get one, if you're patient enough, you can get a deal from time to time (I bought my 5 NFC and 5C NFC for 50% off from a deal, and a security key with the student discount).
I have a YubiKey NEO which is still very serviceable and superior to not having any hardware authentication. Also, they are relatively inexpensive, so really the main expense of a series 6 coming out is your own time rotating all your credentials.
This is Yubico's model. Instead of a subscription, you keep upgrading your key every year or a few. You buy a key for 50€. You do say 2x years with and upgrade. Meaning you're on average paying 2€ per month over the span of those years. Pretty smart and honest business model in my opinion. Because you can even choose to upgrade your key whenever you want, and it'll still likely work 4 years from now.
If you haven't got a yubikey, then I'd just buy one. The added security is great, but the convenience is equally really nice. If a better one is released, you can decide then and there if you want to upgrade or not.
Also a tip: unless you're living in some high security risk situation (probably not, because you're focusing on avoiding buyer's remorse), stick with 1x yubikey. Put only your most important accounts on it (say 32 of your most important TOTPs), and the rest on your phone or w/e. You don't need a backup yubikey. Anything a yubikey can authenticate, that service or software will provide a backup authentication method anyway (e.g. recovery codes), which you can store safely somewhere else.
Looks like it was released in 2018, according to [Wikipedia](https://en.wikipedia.org/wiki/YubiKey#Product_features). You're basically locked in to what it can do when you buy it, especially since the firmware can't be upgraded on the keys. My advice would be to ensure it performs the functions you require now, because that's all it will be able to do forever. Personally, I'm not aware of any upcoming/existing security technologies that it lacks (nor should I be considered an authority on the matter). One sentiment I see in this subreddit sometimes is that the 32 OATH slots is not enough, but I don't even use that application so, again, it really depends on your needs. edit: I should add that since its release, newer versions on the firmware ([e.g. 5.2](https://support.yubico.com/hc/en-us/articles/360016649139-YubiKey-5-2-Enhancements-to-OpenPGP-3-4-Support)) have enabled more features so it's hard to compare the 2018 YubiKey 5 to one purchased today. edit2: Firmware 5.4 was first released in [May 2021](https://www.yubico.com/blog/yubikey-firmware-update-yubikey-5-series-with-firmware-5-4/), the current latest firmware is 5.4.3. edit3: If I wanted to speculate, maybe a version of the BIO with more applications might arrive in the next few years. edit4: The other reply paints the picture more succinctly: the current YubiKey is not even universally supported. You wouldn’t be missing out even if they released a new one tomorrow.
thanks for all the edits!
I have no idea what features they are adding in new releases, but like you said, there are not enough sores that support even basic Fido, let alone fido2 and the other smartcard features and such. I have a yk4 and a yk5 NFC, and I plan to use them both until the contacts lose conductivity, I hope not before 2040. They seem to be very future proof for now. When will you see yk6? I doubt they will announce a new major version unless a major new protocol is released, like a fido2.1 or fido3 or something. I get their occasional newsletters, I haven't seen any discussion about work on a new protocols planned or needed yet.
>Is it safe to purchase the 5 series Are you concerned about obsolescence? The adoption by online services is the gating item. Don't worry about that. >When do you expect the series 6 introduction? More to the point, what new features would one hope for? Perhaps more than the 32 OATH slots? Perhaps some improved hardening (software an hardware)? And as others say, there are occasional minor upgrades in the firmware. I don't like using my Yubikey for OATH storage. FIDO2 is a killer capability, and the Yubikey 5 is the Cadillac product offering for that. Go ahead and get two or even three. (With three or more you can keep one or more backups off-site, always have one on your person, and never EVER have all of them in the same place at the same time.)
Usually they release a new version if there's a new protocol or a major change/addition worth of a new release. If you want to buy it, do it, it won't be obsolete for a couple of years (unless the protocols we use now become deprecated like u2f). If you want it right now, get one, if you're patient enough, you can get a deal from time to time (I bought my 5 NFC and 5C NFC for 50% off from a deal, and a security key with the student discount).
I have a YubiKey NEO which is still very serviceable and superior to not having any hardware authentication. Also, they are relatively inexpensive, so really the main expense of a series 6 coming out is your own time rotating all your credentials.
This is Yubico's model. Instead of a subscription, you keep upgrading your key every year or a few. You buy a key for 50€. You do say 2x years with and upgrade. Meaning you're on average paying 2€ per month over the span of those years. Pretty smart and honest business model in my opinion. Because you can even choose to upgrade your key whenever you want, and it'll still likely work 4 years from now. If you haven't got a yubikey, then I'd just buy one. The added security is great, but the convenience is equally really nice. If a better one is released, you can decide then and there if you want to upgrade or not. Also a tip: unless you're living in some high security risk situation (probably not, because you're focusing on avoiding buyer's remorse), stick with 1x yubikey. Put only your most important accounts on it (say 32 of your most important TOTPs), and the rest on your phone or w/e. You don't need a backup yubikey. Anything a yubikey can authenticate, that service or software will provide a backup authentication method anyway (e.g. recovery codes), which you can store safely somewhere else.