Depending on the iOS hardware platform, there are two methods for using a YubiKey with iOS. The YubiKey 5Ci can connect directly to an iOS device via a Lightning connector, while a YubiKey NFC allows for OTP (one-time password) communication over NFC (near-field communication) on NFC enabled Apple devices. For developers, the Yubico Mobile iOS SDK (software development kit) can be integrated into your apps to enable the YubiKey 5Ci and NFC enabled YubiKeys to interact with iOS apps beyond sending touch-triggered OTPs (e.g. WebAuthn, TOTP, PGP, and Challenge-Response).
Using Your YubiKey 5Ci on iOS
The YubiKey 5Ci allows for direct connection to an iOS device. The functionality of the 5Ci is limited to Yubico OTP without an app or browser that specifically supports the YubiKey 5Ci over Lightning, such as 1Password and LastPass. Here's a list of iOS apps that are known to work with your YubiKey 5Ci.
When using the YubiKey 5Ci without one of the above mentioned apps, the key is a capable touch-triggered Yubico OTP device. The touch-triggered experience on iOS is very similar to a desktop. After connecting the YubiKey 5Ci to your iOS device, you can short press (1 second) any metal contact to activate the credential, which then begins typing out the Yubico OTP 44-character string.
Testing Yubico OTP using YubiKey 5Ci on iOS
If you would like to test your YubiKey on iOS using Yubico OTP, follow the steps below:
- Connect your YubiKey to your iOS device via the Lightning connector.
- Wait until the green light in the touch button is blinking, indicating the iOS device has detected the YubiKey.
- If a dialog box appears with the message “The connected device is not supported” the first time the YubiKey is plugged into your device, simply click OK to exit the dialog box.
- Open Safari and browse to https://demo.yubico.com/otp/verify.
- Tap on the text field just above the VALIDATE button. This should bring up the virtual keyboard.
- Touch the metal contact on your YubiKey. The YubiKey will type the 44-character OTP string into the text field and send it to the server.
- Verify it succeeded with "OTP is valid" message.
Note: If the One-Time Password verification fails and begins with a capital letter, check to be sure you have turned off auto-capitalization in the iOS preferences. This setting is turned on by default. To turn it off, go to Settings > General > Keyboards, and slide the setting to turn off Auto-Capitalization.
Using Your YubiKey NFC on iOS
Just like the YubiKey 5Ci over Lightning, any NFC-Enabled YubiKey can be used with iOS for passing Yubico OTP codes via NFC on an iPhone 7 and above. If you want to use an NFC-Enabled YubiKey on iOS for anything other that Yubico OTP, you'll need to use (or build) an app or browser that specifically supports NFC communication with a YubiKey.
Testing Yubico OTP over NFC on iOS
If you have an iPhone that supports background NFC NDEF tag reading (requires iPhone XS and later) and would like to test your NFC-enabled YubiKey on iOS, follow the steps below:
- Ensure NFC communication is supported on your iPhone.
- Hold the YubiKey NFC key to the back of your phone.
- Tap the "WEBSITE NFC TAG" taking you to a shortcut URL in iOS Safari.
- You should see your Yubico OTP code pasted into the field. Tap VALIDATE.
- The OTP code is passed to the YubiCloud OTP validation server. Verify that you see "Validation Successful".
You may need to move your YubiKey on your iPhone to find the best location for the NFC communication to occur.