Resetting the OTP Applet on the YubiKey

Applicable Products


Warning: The steps in this guide will permanently delete the credentials stored in the two programmable slots in the YubiKey.

The OTP applet on the YubiKey cannot technically be reset to the factory defaults. To emulate a factory reset, you can delete the credentials from both slots, program a Yubico OTP credential to slot 1, and upload the credential to YubiCloud. You can either use the YubiKey Personalization Tool  or YubiKey Manager to reset your OTP slots.

YubiKey Manager Method
Step 1 - Deleting the Credentials

  1. Download and install the YubiKey Manager
  2. Open the YubiKey Manager.
  3. Insert your YubiKey to the computer.
  4. Verify on the initial page that your YubiKey is identified.
  5. Click on Applications at the top.
  6. Select OTP
  7. Select Delete on Slot 1 and click the Delete button.
  8. Select Delete on Slot 2 and click the Delete button.

Step 2 - Programming a new Yubico OTP credential

  1. Select Configure
  2. Select Yubico OTP
  3. Check the check-box to use the serial for public ID. 
  4. Generate a new Private ID and Secret Key using the generate button.
  5. Copy the values to another text editor ( for the upload later ).
  6. Once finished got to the upload page ( https://upload.yubico.com/ ).
  7. Copy the serial, public identity, private identity and the secret key generated using the Manager. 
  8. Press the YubiKey to fill out the OTP from the YubiKey in the input box.
  9. Complete the reCAPTCHA challenge
  10. Click on Upload AES Key.

YubiKey Personalization Tool Method

Step 1 - Deleting the Credentials

  1. Download and install the YubiKey Personalization Tool.
  2. Open the Personalization Tool.
  3. Insert your YubiKey to the computer.
  4. Verify in the right column that the YubiKey is identified.
  5. Click on the Tools tab at the top.
  6. Click the Delete Configuration button.
  7. Select Configuration Slot 1 and click the Delete button.
  8. Select Configuration Slot 2 and click the Delete button. 

Note: If you receive the error "YubiKey could not be configured. Perhaps protected with configuration protection access code?" this indicates the slot is protected. You will need to check the Use Access Code box and enter the access code used when programming. If you do not know this code, there is no way to delete the configuration from the slot.

Step 2 - Programming a New Yubico OTP Credential

These steps are best covered in the Configuring Your YubiKey for YubiCloud guide.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.