Yubico OTP is a simple yet strong authentication mechanism that is supported by all YubiKeys out of the box. Yubico OTP can be used as the second factor in a 2-factor authentication scheme or on its own, providing 1-factor authentication.
The most common pattern is to use Yubico OTP in combination with a username and password:
If you prefer to not use YubiCloud, you can instead host a verification server yourself.
Apart from the general advantages of 2-factor authentication, Yubico OTP has the following characteristics:
No client software needed. The OTP is just a string. If you can send a password, you can send an OTP.
YubiKey ID embedded in OTP. This allows for self-provisioning, as well as authenticating without a username.
Easy to implement. Using YubiCloud, supporting Yubico OTP is not much harder than supporting regular passwords.
While not required, it can be interesting and useful to know how a Yubico OTP is generated. This is explained in OTPs explained.