This guide is intended for all Microsoft Office 365 or Azure users that would like to improve the security of their accounts by registering a YubiKey as a Security Key.
This document describes the necessary steps to register a YubiKey (security key) to a Microsoft account. All Yubico’s products - YubiKey 5 Series, YubiKey Bio Series and Security Key Series - are compatible with this procedure.
Step 1: Go to your Microsoft account profile configuration page: https://aka.ms/mfasetup
Step 2: Connect to your account using the authentication methods currently available to you (if you are configuring your Azure account, you can request a Temporary Access Pass - TAP - to your administrator)
Step 3: Click on “Add sign-in method”
Step 4: Select the option “Security Key” and then click on “Add”
Step 5: At this point, the browser may present you with a QR code for you to register a Passkey. Click on the “Try another way” button or touch your YubiKey. Then select the option “External security key or built-in sensor” and confirm the Windows Security pop-ups by clicking on the “OK” button.
Note: If you are using your YubiKey (FIDO2) for the first time, the browser will ask you to create a new PIN code. Type the PIN code and confirm it and then click on “OK”
Step 6: Give your YubiKey a nickname and click on “”. At this point your YubiKey is registered to your account.
Note: Repeat the steps in this guide to register multiple YubiKeys to your account (up to 10). We advise you to have at least 2 (primary and backup keys).