Overview
A security key plugs into a USB port on your computer, and can be used to verify multi-factor authentication (MFA) or as passwordless sign in. You can use a security key when asked to verify MFA; especially if you do not have a mobile device or do not want to use your mobile device.
We recommend and can provide the Yubico security key series, or you can purchase your own key (just make sure it supports FIDO2).
Setup your Security Key
Before you begin!
- Have your security key ready and be at your computer.
- Setup does not work in private/incognito browsing mode (use a regular browser session)
- You must know your current UFV password. If you don't know your password, contact the IT Service Desk to have it reset.
Quickstart
Download the quickstart guide on the right hand side of this article. Detailed instructions and troubleshooting can be found below.
Detailed Setup Instructions
1. From a computer, go to https://aka.ms/mfasetup
2. Click +Add Method and select Security key from the drop-down menu. Click Next.
3. Choose USB device (recommended) or NFC device (only if you have an NFC reader).
You will be redirected to a new window to finish setup.
Note: When using Edge or Chrome, you may be prompted to save a passkey to your iPhone, iPad, or Android device. On the prompt Choose where to save this passkey, select Security Key instead. If you choose instead to use an iPhone, iPad, or Android device, our support is best-effort only as there are many device types; some which may not support passkeys. If your device does not support passkeys, you will have to use a security key instead.
4. When prompted, insert your security key into the USB port on your computer.
5. If this is a brand-new key, you will be asked to create a numerical PIN. Keep this PIN safe, it cannot be reset or recovered by UFV IT Services!
When finished, click OK.
6. Give your security key a friendly name (example: My security key) then click Next.
You’re all done! You can now use your security key to verify MFA or for passwordless sign in.
Sign in with your Security Key
Once your security key is set up, you'll have two new ways to sign in to your UFV account:
Option 1: Verify MFA
If you are prompted to verify your identity using MFA, simply insert your security key into your device's USB port (or use your NFC reader if you chose NFC at setup).
Option 2: Passwordless Sign in
When you see this UFV-branded sign in screen, click Sign-in options and then choose Sign in with Windows Hello or security Key.
You will not have to enter your username and password: simply insert the key into your USB port, enter your PIN, and you'll be signed in!
Troubleshooting & FAQ
I forgot the PIN to my security key.
The PIN is attached to the security key and not managed by UFV’s IT Services; therefore, we cannot recover or reset the PIN to your security key. If you have forgotten your PIN, you can reset the key to factory default using the Yubikey Manager app: http://www.yubico.com/support/download/
Insert your security key into the USB port, then open the yubico manager app on the same device. Navigate to Applications > FIDO 2. Click Reset FIDO, then Yes.
Once reset to factory default, follow the setup instructions again to re-register the key.
What do I do if I lose my security key?
If you lose your security key, contact IT Services immediately. To prevent unauthorised access to your account, we will remove the security key so it can no longer be used for sign in. You can then set up a new security key.
I have other questions.
Please contact the IT Service Desk if you have other questions about your security key.