![]() You'll see the YubiKey model, firmware version, and serial number shown in the application.ĭetermine which OTP slot you'd like to configure and click the Configure button for that slot. Wait for the YubiKey Manager to recognize your YubiKey. To create or overwrite a YubiKey slot's configuration: There is no way to read your existing "Public ID" (if you did not use the device serial), "Private ID", and "Secret Key" information off the token once it has been written. When you open the Yubico OTP settings (under Applications), you may generate a new "Public ID", "Private ID", and/or "Secret Key", but these are not written to the token unless you actually click the Finish button. Configure with YubiKey Managerįirst, download and install the YubiKey Manager. You must upload the new credential to YubiCloud to continue using that service. If you are using your YubiKey with a service that integrates with Yubico's OTP service and you overwrite that factory configuration in the first slot, you cannot recover that configuration. ![]() You will no longer be able to use the YubiKey to log into other services unless you also update the stored secret information there. If you are already using this YubiKey with an existing service, the following steps will overwrite the stored secret for that service. When the YubiKey is shipped its first configuration slot is factory programmed for the "Works with YubiKey" YubiCloud OTP service and the second configuration slot is blank. The second slot is used if the button is touched between 2 and 5 seconds. The first slot is used to generate the passcode when the YubiKey is touched for between 0.3 and 1.5 seconds and released. Generate YubiKey ConfigurationĮach YubiKey with OTP support has two slots. Verify your YubiKey's capabilities at the Yubico site. This information applies to YubiKey tokens that support one-time password (OTP) functionality, like the YubiKey 5 series or YubiKey 4 series. If you do not know the current stored secret you can use the YubiKey Manager to reconfigure the YubiKey. To use a YubiKey hardware token you will need to enter its stored secret in your Duo Admin Panel. See the Duo User Guide for examples and instructions for the complete security key user experience with Duo Passwordless, Duo Universal Prompt, and the traditional Duo Prompt. ![]() Guide: YubiKey Bio Series Fingerprint Enrollment Users will need to configure the PIN or enroll their finger for use with their YubiKey as instructed by Yubico before trying to set up Duo Passwordless using their YubiKey. Only FIDO2 security keys that support user verification in the form of a PIN or biometric, like the YubiKey 5, YubiKey Security Key, or YubiKey Bio series, work with Duo Passwordless. YubiKeys that support FIDO or FIDO2 standards work as a WebAuthn security key for Duo two-factor authentication in Duo Universal Prompt and traditional Duo Prompt when you enable the "roaming authenticator" authentication method in the effective Duo policy for a given user and application. ![]() Duo does not resell YubiKeys.Īrticle: How to select the correct YubiKey YubiKey as a Duo Roaming Authenticator Purchase YubiKeys from Yubico or other major retailers like Amazon. Both WebAuthn/FIDO2 and passcodes - To support both types of authentication methods with one YubiKey you must choose YubiKey 5 or YubiKey 5 FIPS series.Hardware token passcodes - select YubiKeys that support "OATH - HOTP".WebAuthn, roaming authenticator, or security key - select YubiKeys that support "WebAuthn" and "FIDO2".Use the Yubico product comparison charts to determine the right YubiKey to buy for your use case. As an OTP-generating hardware token for any Duo application which supports passcodes for two-factor authentication, including administrator login to the Duo Admin Panel.As a WebAuthn passkey for Duo administrator logins to the Duo Admin Panel.As a two-factor security key used during browser-based authentication featuring Duo's traditional prompt or Universal Prompt.As an authenticator for Duo Passwordless logins.Overviewĭuo supports use of Yubico YubiKeys in a variety of authentication scenarios: Learn how YubiKeys work with Duo for authentication.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |