Using Your YubiKey with Authenticator Codes

Applicable Products


These instructions show you how to set up your YubiKey so that you can use two-factor authentication to sign in to any account that requires authenticator codes. Example sites where you can use codes to authenticate include Amazon, Dropbox (if you aren't using U2F), Evernote, Facebook, and many others. To use a code at one of these sites, you use an application, such as Google Authenticator, to generate the codes. The codes generated are OATH-TOTP codes, a type of one-time password, that are usually six-digits. You can use Yubico Authenticator, which is similar to Google Authenticator. We have created both a desktop and mobile version of this app for you to use so you can use it on a Windows, Mac, Linux, or Android. 

Instructions

Software tools referenced in these instructions can be found on our Downloads page. Need help Identifying Your YubiKey?


Setting Up Your YubiKey in Yubico Authenticator for Desktop

Requirements

Instructions

  1. Enable two-factor authentication for your service. Usually, you will do this by selecting Settings or Security, and then selecting the option to Enable two-factor authentication. TIP: Some services call this "two-step verification."
  2. Select the option to use a mobile app, or Google Authenticator. A QR code should appear.
  3. Open Yubico Authenticator for Desktop and plug in your YubiKey.
  4. Click the + button. If the QR code is not scanned automatically, make sure it is not partially blocked by another window and click SCAN.
  5. Before adding the credential, you have the option to adjust the following settings. Note that these cannot be adjusted after saving the credential.
    1. Issuer - Defines the service name
    2. Account name - Defines the account holder name
    3. Require touch - Toggles the requirement to touch the YubiKey in order to display the OATH code on (checked) or off (unchecked). Note that this is set on a per-credential basis; in other words, each credential can have this set differently.
  6. Once you are satisfied with the configuration, click ADD.
  7. If you have one or more backup YubiKeys, unplug the YubiKey that is currently plugged in, insert one of your backup keys, and follow through steps 4-6 again. Consider saving a copy of the QR code (or secret key) somewhere safe so you have the ability to program the credential into future backup YubiKeys, etc.
  8. Complete the setup process on the website. This typically involves entering a one-time password from Yubico Authenticator, and potentially re-entering your login password.

You have successfully configured your YubiKey for authenticator codes!


Setting Up Your YubiKey 5 NFC or YubiKey NEO with the Yubico Authenticator for Android App

Requirements

Instructions

  1. Enable two-factor authentication for your service. Usually, you will do this by selecting Settings or Security, and then selecting the option to Enable two-factor authentication. TIP: Some services call this "two-step verification."
  2. Select the option to use a mobile app, or Google Authenticator.
  3. You will need to copy the text string as well as scan the QR code. Click enter your secret key manuallyand copy the text of the code and paste it into a text file now.
    • Be sure to save a copy of the secret key. You can use this to create a backup copy of your YubiKey configured to use authenticator codes. It is always best security practices to ensure you have a backup YubiKey.
  4. Open the Yubico Authenticator app.
  5. Tap the control icon to open the menu.
  6. Select Scan account QR-code, and then scan the QR code from the web page.
    • Be sure to save a copy of the QR code in a safe place. You can use this to create a backup YubiKey configured to use authenticator codes. It is always best security practices to ensure you have a backup YubiKey.
    • Note: To manually add the secret key, select Add account manually, then enter the credential name, and type the secret key that you previously saved as a backup.
  7. On the web page, click Next. You have successfully configured your YubiKey for authenticator codes!
  8. To view the credential, tap and hold your YubiKey on the back of your phone where the NFC antenna is located. Yubico Authenticator displays the six digit code associated with this credential. This is the code you need to enter to authenticate when using two-factor authentication.

Logging on to Your Account

Once you have configured your for two-factor authentication, you must log on to that service using a code generated by Yubico Authenticator..

  1. Open Yubico Authenticator.
  2. Log on to your account with your user name and password as usual.
  3. Find the authenticator code you need:
    • Desktop: Launch Yubico Authenticator for Desktop and insert your YubiKey. The code is shown next to the service's credential.
    • Mobile: Launch Yubico Authenticator for Android, and tap and hold your YubiKey 5 NFC or YubiKey NEO against the NFC antenna on the back of your phone. The code is shown next to the service's credential. Note: If you set the credential to require touch, you will need to tap the YubiKey against your phone a second time (this is how touch is implemented over NFC, as NFC does not provide enough power for the capacitive touch sensor on the YubiKey to function).
  4. Enter the code on the website and click Sign In (or similar). TIP: In Yubico Authenticator for Desktop, you can double-click the code, and then paste it into the field for the authenticator code.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.