How To Guides

Setting up Yubikey for Dual-Factor Authentication

What is a Yubikey?

A Yubikey is a hardware device that plugs into your computer to simplify two-factor authentication. When prompted to authenticate yourself, you press the button (metal contact) to provide the second factor for authentication. The keys come in USB-A, USB-C, or USB-C/lightning connectors, but the price differs accordingly.

 

Benefits

  • Can be used on different computers or devices.
  • Does not require a smartphone.

 

Drawbacks

  • It is not recognized by all applications, services, or websites.
  • Can be misplaced due to small size.
  • Initial setup requires administrative rights. You might need different keys if your devices have incompatible ports (android/apple/pc).

 

Duo Authentication App on smartphone in comparison

  • Your phone is almost always with you.
  • You can add additional phones or numbers.
  • Works on all sites, apps, and services.
  • Multiple ways to authenticate – prompted, SMS, phone call.

 

What works* with the Yubikeys

 

Windows 10MacOS XLinux UbuntuiOSAndroid 11
Rutgers Connect in Web browsers Rutgers Connect in Web browsers Rutgers Connect in Web browsers Safari on iOS 14.4 Rutgers Connect in Web browsers
Most apps using CAS on the web Most apps using CAS on the web Most apps using CAS on the web CAS does not work on any browsers Most apps using CAS on the web

*Certain versions of browsers do not work on some operating systems.

 

What does not support the Yubikeys

 

Windows 10MacOS XLinux UbuntuiOSAndroid 11
Cisco Any Connect (VPN) Cisco Any Connect (VPN) Cisco Any Connect (VPN) N/A N/A
N/A Apple Mail on v.11.1 Thunderbird v.78 Apple mail not tested yet Google mail not tested yet
Firefox v.84 Firefox v.84 Firefox v.84 Firefox v31.0 Still testing
Edge v.44 Safari v.14 Chrome v.87 Chrome v.87 Chrome v.87

 

Initial set up of the Yubikey

No additional steps required on Windows 10 and MacOS X. However, on Ubuntu (20.04).

 

Configuring Duo to use your Yubikey for 2FA

  • Log into https://netid.rutgers.edu.
  • Click on Manage NetID+ Two Factor Authentication.
  • Click Add a New Device and authenticate in the pop up window.
  • Select Security Key and click Continue.
  • Click Continue again. Click Proceed on the pop up window.
  • Touch the metal contacts on your Yubikey and click Continue when the pop closes.
  • You can select Yubikey as your Default device. You’ll still have the option to use your phone.
  • Add images of the steps.

 

Using your Yubikey for 2FA

  • When 2FA is needed, you’ll be prompted to use the Yubikey.
  • Images of the Yubikey prompt here.

    security key