Setting up a YubiKey (Hardware/MFA Token) with Microsoft 365
Last updated
Was this helpful?
Last updated
Was this helpful?
Before you begin, ensure you have the following:
A Microsoft 365 account with MFA enabled.
A FIDO2-compliant security key (e.g., YubiKey, Feitian, or SoloKey).
A compatible browser (Microsoft Edge, Google Chrome, or Firefox).
Open your browser and go to the Microsoft Security settings page: https://mysignins.microsoft.com/security-info.
Sign in with your Microsoft 365 credentials.
If prompted, verify your identity using an existing MFA method (such as a mobile app or SMS code).
Under the Security info section, click on + Add sign-in method.
From the drop-down list, select Security key, then click Add.
Choose your security key type:
USB: Insert your USB security key into your computer.
NFC: If using an NFC key, ensure your device supports NFC and hold the key near the NFC reader.
Click Next and follow the on-screen instructions.
When prompted, insert your security key and tap it (if required).
Set up a PIN for your security key if you haven't already.
Follow the browser prompts to complete the security key registration.
Once successfully registered, give your security key a recognizable name (e.g., "Work YubiKey").
Click Done to finalize the setup.
Sign out of your Microsoft 365 account.
Navigate to https://login.microsoftonline.com
Enter your username and choose Sign in with a security key.
Insert or scan your security key and enter your PIN if prompted.
If authentication is successful, you're now signed in using your security key!
To manage or remove your security key:
Locate your registered security key under Security info.
Click Remove if you wish to delete it or add additional security keys, following the steps above.
Security key not detected? Ensure your browser supports FIDO2 authentication and that your key is properly connected.
Error during setup? Try using a different browser or clearing cache and cookies.
Lost or stolen security key? Remove it from your security settings immediately and register a new one.
Using a security key for MFA in Microsoft 365 enhances your accountβs protection against phishing and unauthorized access. Once set up, signing in becomes faster and more secure. If your organization enforces MFA, consider using a security key as your primary authentication method for a seamless experience.
For additional security best practices, check out Microsoftβs official MFA documentation: https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods.
Multi-Factor Authentication (MFA) adds an extra layer of security to your Microsoft 365 account. Using a hardware security key, such as a YubiKey key, provides a strong form of authentication that is phishing-resistant and highly secure. This guide walks you through the process of setting up a hardware security key for your Microsoft 365 account.
Looking for free YukiKeys for your nonprofit? Click here.