YubiKey Passwordless Login for Synology Devices


This information is based off of DSM 7.2 and maybe deprecated we would recommend checking the latest information based in the knowledge base on Synology's Website found here

 

Note: In order to follow the steps in this guide, your Synology device must run DiskStation Manager (DSM) 7 or newer. If your device does not support DSM 7+, or you prefer to run an older version, you may still be able to use YubiKeys via authenticator app two-factor authentication. For general guidance on this, see Using Your YubiKey with Authenticator Codes, and for details specific to DSM, see this Synology article (under the section 2-Step Verification).

 

Prerequisites required for Passwordless on Synology:

  • A YubiKey series 5 or better
  • Your DSM has a valid domain name which is accessible over HTTPS. The domain name cannot be an IP address or a QuickConnect address.

Configure Passwordless Sign-In

Note: This must be done for each account on your Synology device.

 

2022-05-20_11_56_24-Woehrle_Web_Storage_-_Vivaldi.png

 

  1. On the upper right of DSM, click the account icon (mceclip0.png)
  2. Select Personal
  3. Under Account > Sign-in Method, select Passwordless Sign-In
  4. Select Security Key
  5. Accept the windows from the browser and touch the security key when instructed
  6. Name the security key

Your key is now registered and should work to sign you in to DSM both in a passwordless flow, as well as one where the key is used for second-factor authentication (after you enter your username and password).

 

For more details, please see this Synology article.