Okta | Yubikey or Hardware Token

Summary

This article guides users through the process of registering their YubiKey as a Multi-Factor Authentication (MFA) authenticator. YubiKey, a hardware authentication device, enhances security by requiring physical presence to authenticate.

Body

When to Use?

Using a YubiKey as an MFA authenticator in Okta is an excellent way to enhance security, particularly when handling sensitive information, complying with regulations, or operating in high-risk environments. It provides strong protection against phishing attacks and is especially beneficial for users who prefer hardware-based security. Additionally, YubiKey supports multiple devices and platforms, making it a versatile choice for securing access across various systems.

Procedure

Registering Your YubiKey as an MFA Authenticator in Okta

  1. Preparation

    • Ensure you have your YubiKey device.
    • Make sure you have access to your Okta account.

  2. Log in to Your Okta Account

    • Open your web browser and navigate to https://my.gvsu.edu.
    • Enter your username and password to log in.
    • If you are a new user who has not previously logged into Okta, has not registered any other MFA authenticator, or has had your MFA authenticator reset by IT, you can proceed to step 5 after entering your username and password.

  3. Navigate to Security Settings

    • After logging in, click on your name or profile icon in the upper-right corner of the Okta dashboard.
    • Select My Settings from the drop-down menu.
    •  Security Settings
       

  4. Add a New Authenticator

    • Click Manage security methods or Security Methods on the side.
      Manage security methods
       
    • Click on Set up next to the Security Key or Biometric Authenticator option.Security Key or Biometric Authenticator
       

  5. Register Your YubiKey

    • A new window will appear, prompting you to register your security key.
    • Click on Set up next to the Security Key or Biometric Authenticator
    • Yubikey Setup
       
    • Insert your YubiKey into a USB port on your computer (or connect via NFC if using a supported device).
    • At this point, if your device supports other authentication methods, such as Apple’s Touch ID or Windows Hello, you may be prompted to choose from multiple options. In this case, select "Security Key" from the list. If you don’t see this option immediately, you may need to navigate to "Use another device" within the initial menu prompt.
    • Security Options - Windows OS
    • Security Options - MacOS
       
    • Follow the on-screen instructions and touch your YubiKey when prompted. (On Mac devices, you may not receive a prompt—watch for the blinking light on your YubiKey and touch it when it starts blinking.)
      Continue setup

  6. Complete Registration

    • Follow any additional on-screen instructions to complete the setup process.
      Verify

  7. Test Your YubiKey

    • Once registration is complete, log out of your Okta account.
    • Attempt to log back in. After entering your username and password, you should be prompted to use your YubiKey.
    • Insert your YubiKey and touch the button when it lights up to authenticate.

  8. Confirm Setup

    • If the login is successful, your YubiKey has been successfully registered as an MFA authenticator for your Okta account.
    • If you encounter any issues, repeat the steps or contact your IT services team for assistance.

Additional Tips

  • Secure Storage: Keep your YubiKey in a secure place when not in use to prevent loss or theft.
  • YubiKey Removal: The YubiKey can be safely removed once you are logged in. However, it will need to be reinserted if re-authentication is required.

Details

Details

Article ID: 20137
Created
Wed 7/3/24 4:14 PM
Modified
Wed 2/12/25 10:23 AM

Related Articles

Related Articles (10)

Okta & Duo | Remember Me For 7 Days
This article describes how to enable the remember me for 7 days on functionality on non-Okta applications like GVSU-WinLab.
Okta | Adding, removing, and updating multi-factor authentication (MFA)
This articles describes how to add, remove, and update multi-factor authentication for Okta such as Okta Verify or Google Authenticator
Okta | Dashboard Adding and Removing Apps
Guide on how to add and remove Okta apps from the Okta dashboard
Okta | Forgot Password & Updating Password
This guide describes how to use the Okta forgot password functionality and how you can also update your password to something new from the Okta portal.
Okta | Frequently Asked Questions (FAQs)
This article provides a set of Frequently Asked Questions (FAQs) about Okta, an identity management service that allows single sign-on access to multiple applications using one set of credentials. It covers essential topics such as initial setup, password recovery, adding applications, and using multi-factor authentication (MFA). The FAQs also guide users on how to resolve login issues, access mobile support, customize their dashboards, and where to find additional help.
Okta | General Information
This article describes what Okta is and how to use it. It also provides additional links to get started with Okta.
Okta | Getting Started
This guide will walk you through the registration process to setup Okta.
Okta | Install Okta Browser Plugin
Guide on how to install the browser plugin for Okta.
Okta | Okta Verify
This article provides a description of how Okta Verify can be installed and used.
Okta | VPN Usage
Important Notice Regarding VPN Usage and GVSU Resources