Blog How to use a YubiKey for two-factor authentication

How to use a YubiKey for two-factor authentication

Posted on Dec 27, 2020 in Software

Best practices exist, and so does better security

I recently setup a YubiKey 5 NFC with one of my password manager apps and decided to document the process for anyone that might be interested in using a YubiKey for two-factor authentication (2FA).

If you're finding yourself using your phone as a second method of authentication when signing into things like your bank account or social media, and would rather have a dedicated button you could press instead, then a YubiKey is what you're looking for.

Product details

A YubiKey will cost about $45.00 (Yubico.com).

The maker of the YubiKey, Yubico, describes their product as:

"YubiKey is a key-sized device that you can plug into your computer’s USB slot, mobile device's USB-C or Lightning port, or scan using an NFC-enabled mobile device to provide an additional layer of security when accessing your LastPass Account"

Integrations

I took a quick look through what applications supported the YubiKey 5 NFC, and found plenty of services that I use:

  • Password managers (1password, LastPass)
  • Website management software (Drupal, Shopify)
  • Video game platforms (EPIC, EA, Nintendo)
  • Web browsers (Safari, Brave, Opera, IE)
  • Social networks (Facebook, Twitter, Reddit, YouTube)
  • Cryptocurrency exchanges (Gemini, Kraken)
  • Git repositories (GitLab, GitHub)

For more, check out https://www.yubico.com/works-with-yubikey/catalog/...

Tutorial

For this tutorial, I will be focusing on setting up my YubiKey with 1Password. Using a YubiKey with other products will likely be similar, but slightly different.

Running through this process will replace the six-digit authentication code process when signing into your vault in the browser or on an iOS/Android device.

  1. Visit Yubico.com/start and select your device

  1. Select 1Password from the YubiKey catalog

  1. Click on the Get Setup Instructions button

  1. Configure 1Password to use 2FA

    1. Sign in at my.1password.com, click your name in the top right corner and select My Profile

    2. Click More Actions and select Manage Two-Factor Authentication

    3. Click Add a Security Key, enter a name and click Next.

    4. Connect your YubiKey to your computer via USB.

    5. Touch the sensor (circle) and click Done when it appears.

And that's it.

Is there an error, or incorrect information in this post? Let me know!