This information is based off of DSM 7.2 and maybe deprecated we would recommend checking the latest information based in the knowledge base on Synology's Website found here
Note: In order to follow the steps in this guide, your Synology device must run DiskStation Manager (DSM) 7 or newer. If your device does not support DSM 7+, or you prefer to run an older version, you may still be able to use YubiKeys via authenticator app two-factor authentication. For general guidance on this, see Using Your YubiKey with Authenticator Codes, and for details specific to DSM, see this Synology article (under the section 2-Step Verification).
Prerequisites required for Passwordless on Synology:
- A YubiKey series 5 or better
- Your DSM has a valid domain name which is accessible over HTTPS. The domain name cannot be an IP address or a QuickConnect address.
Configure Passwordless Sign-In
Note: This must be done for each account on your Synology device.
- On the upper right of DSM, click the account icon ()
- Select Personal
- Under Account > Sign-in Method, select Passwordless Sign-In
- Select Security Key
- Accept the windows from the browser and touch the security key when instructed
- Name the security key
Your key is now registered and should work to sign you in to DSM both in a passwordless flow, as well as one where the key is used for second-factor authentication (after you enter your username and password).
For more details, please see this Synology article.