Okta | Yubikey

Summary

This article guides users through the process of registering their YubiKey as a Multi-Factor Authentication (MFA) authenticator. YubiKey, a hardware authentication device, enhances security by requiring physical presence to authenticate.

Body

When to Use?

Using a YubiKey as an MFA authenticator in Okta is ideal for enhancing security, especially when handling sensitive information, complying with regulations, or working in high-risk environments. It offers strong protection against phishing attacks. YubiKey is particularly beneficial for users who prefer hardware-based security. Additionally, it supports multiple devices and platforms, making it a versatile choice for securing access across various setups.

Procedure

Registering Your YubiKey as an MFA Authenticator in Okta

  1. Preparation

    • Ensure you have your YubiKey device.
    • Make sure you have access to your Okta account.
  2. Log in to Your Okta Account

    • Open your web browser and navigate to https://my.gvsu.edu.
    • Enter your username and password to log in.
    • If you are a new user who has not previously logged into Okta, has not registered any other MFA authenticator, or had their MFA authenticator reset by IT, you can go to step 5 after entering your username and password.
  3. Navigate to Security Settings

    • After logging in, click on your name or profile icon in the upper-right corner of the Okta dashboard.
    • Select Settings from the drop-down menu.
    •  Security Settings
  4. Add a New Authenticator

    • Scroll down to the Security Methods section.
    • Click on Set up next to the Security Key or Biometric Authenticator option.
    • Security Key or Biometric Authenticator
  5. Register Your YubiKey

    • A new window will appear, prompting you to register your security key.
    • Click on Set up next to the Security Key or Biometric Authenticator
    • Yubikey Setup
    • Insert your YubiKey into a USB port on your computer (or connect via NFC if using a supported device).
    • At this point, if your device has another means of authentication, such as Apple’s Touch ID or Microsoft Hello, you may be prompted to select from a few different options. In this case, you will want to select “Security key” from the list (you may have to navigate to the “use another device” option within the first menu prompt).
    • Security Options - Windows OS
    • Security Options - MacOS
    • Follow the instructions and touch the key when prompted to do so. (Macs might not give you the prompt, so watch for the blinking light on the YubiKey and touch the key if it starts to blink.)
    • Continue setup
  6. Complete Registration

    • Follow any additional on-screen instructions to complete the setup.
    • Verify
  7. Test Your YubiKey

    • Once registration is complete, log out of your Okta account.
    • Attempt to log back in. After entering your username and password, you should be prompted to use your YubiKey.
    • Insert your YubiKey and touch the button when it lights up to authenticate.
  8. Confirm Setup

    • If the login is successful, your YubiKey has been successfully registered as an MFA authenticator for your Okta account.
    • If you encounter any issues, repeat the steps or contact your IT services team for assistance.

Additional Tips

  • Secure Storage: Keep your YubiKey in a secure place when not in use to prevent loss or theft.
  • Yubikey Removal: The YubiKey can be safely removed once the user is logged in. However, it will need to be reinserted if the user needs to re-authenticate.

Details

Details

Article ID: 20137
Created
Wed 7/3/24 4:14 PM
Modified
Wed 7/3/24 4:23 PM