Enroll a YubiKey hardware token for use with Duo

Tags PK18

Issue/Question

  • How do I enroll a YubiKey hardware token for use with Duo?
  • I want to set up and enroll a hardware token for use with Duo Security

Scope

Environment

  • Duo Security Two-factor Authentication
  • YubiKey 4 Series Security Key
    • YubiKey hardware token
    • U2F hardware device
    • U2F authenticator
    • U2F security token
  • Chrome

Rationale

  • Two-factor authentication adds a second layer of security to your Miami account. It allows you to verify your identity using a second factor — your smartphone or other mobile device, U2F device, or landline — and prevents anyone else from logging in to your account

Resolution 

  1. In your Chrome browser, go to the Yubico site to start the YubiKey personalization tool
    • YubiKey enrollment requires the use of your Chrome browser 
  2. Insert the YubiKey into the USB port of your device and wait for it to be recognized by the tool
  3. Click Yubico OTP mode
  4. Click Quick
  5. Select configuration slot 1
    • Select slot 2, if slot 1 has already been configured for another use
  6. Click Regenerate
  7. Uncheck the Hide values checkbox and note the serial number (in decimal), Private Identity, and Secret Key
  8. Click Write Configuration 
    • It may be necessary to confirm yes to overwrite and supply a logfile name and destination
  9. Log in to the Duo Self Service Portal 
  10. Click Add a new device
  11. Select U2F
    • A pop-up will prompt you to touch the YubiKey
  12. Click Continue to Login
  13. You will be prompted once more to touch the YubiKey to complete the authentication

 

Notes

 

Was this helpful?
0 reviews

Details

Article ID: 60340
Created
Tue 8/14/18 12:33 PM
Modified
Thu 11/8/18 12:22 PM
Can you resolve this issue yourself?
Can the end-user resolve the issue using the instructions given?
Or does the end-user need to request assistance from Miami UIT, a client office, or a vendor?
Yes! This is self-service with a smile.