This post is focused on setting up your accounts to use Yubico Authenticator on a Yubikey. If you are looking to add your Yubikey as a hardware token / security key, check out my other post ( https://bigboystoys13.blogspot.com/2021/09/yubikey-adding-security-key-to-your.html ). If you don't have a Yubikey yet, you might want to check out this post instead ( https://bigboystoys13.blogspot.com/2021/09/yubikeys-quick-review.html ).
The Yubico Authenticator works similar to many other Authenticator apps like Google Authenticator, Microsoft Authenticator and many others offer. A main difference with Yubico's option is that the information is stored on your Yubikey, not on your computer or other device. Of course remember this also means if you lose your Yubikey you lose that authentication option so always make sure you have alternate / backup options.
Before you start setting up accounts
- Make a list of the accounts you want to setup. It helps to keep track in case you lose your Yubikey or need to change your setup later.
- If you have more than one hardware token, have them all ready.
- Give each key a unique nickname, in case you need to remove/disable it later. If the devices have different colors or are different models that makes it easy. If you have two of the same device, maybe use part of the serial # or use stickers to tell them apart. The nickname can be based on where you store it (Safe, Keychain) whatever makes sense to you even a year or two later.
- Make sure you setup the Yubico Authenticator on the device you plan to use for setting up your accounts. I would recommend you consider adding a password (on Android you can go to the 3 dots and choose "Change password" to require a password to access the codes).
TIP: If you are setting up two Yubikeys, you could do the setup of one on one device (computer for example) and the other on another device (your phone for example). It will keep you from having to swap keys on a single device.
Steps to setup Yubico Authenticator
1) Go into your account settings and then security settings. Here are some sample steps for various sites:
PayPal: Settings > Security > 2-step verification
Amazon: Account > Login & Security > Two-Step Verification (2SV) Settings
If you can't find the option in your settings area search the support/help area of your page or contact support for the site.
2) Find the option to add an authenticator app, normally it will show a QR code that you can scan. Once you scan the QR code, you should get a code that changes every minute or so in your Authenticator app. If you are using two devices at the same time you can visually compare the generated codes to make sure they are the same otherwise, once you are done setting everything up it would be good to test each Yubikey that you configured. I did notice that sometimes I had to swipe down in the app to get the code to refresh.
3) You might want to consider disabling the SME/text message option, go check out my other post ( https://bigboystoys13.blogspot.com/2021/09/yubikey-adding-security-key-to-your.html ) near the end section 4 explains a little more about this.
Useful Yubico Links:
Yubico Authenticator - https://www.yubico.com/products/yubico-authenticator/
No comments:
Post a Comment