Register the security key
There are two ways to register a security key: from the configuration tool or from the logon screen.
If your account has been deleted
If the currently logged-in Windows account has been deleted from the YubiOn FIDO Logon web management site, the registration operation cannot be performed.
Before registering a security key
FIDO security keys must have a PIN set before they can be used. (Including those with fingerprint support)
For security keys that require PIN or biometric (fingerprint, etc.) registration, PIN registration can be done on the FIDO Logon software, but biometric settings must be done separately.
To register by Windows function, please refer to “Register PIN or fingerprints” for setting up.
-
On your PC, select Start > YubiOn > FIDO Logon Configuration Tool to launch the YubiOn FIDO Logon Configuration Tool.
-
Select "Authentication Settings" from the left menu of the Configuration Tool.
-
Click on the "Register security key" button.
-
Connect the authenticator to your PC.
-
Operate the authenticator.
How to operate the authenticator
The operation of the authenticator depends on your device.
For fingerprint-type FIDO2 security key
Touch the device to read the fingerprint.
* If the fingerprint is not registered, the operation is the same as that of a PIN type security key.
For PIN-type FIDO2 security key
If a PIN has already been set, enter the PIN.
If the PIN has not been set, a screen for setting a PIN for the security key will appear.
For U2F security key
Touch the device to proceed with registration.
-
Registration is complete.
- Confirm that the registered authenticator is displayed in the list screen.
- Exit the Settings tool.
Prerequisite
To register from the logon screen, the following conditions must be met
- The version of the installed configuration tool must be 3.1.0.1 or later.
- No authenticator assigned to the account to log on to.
- "Logon to authenticator-less account" policy is set to "Logon with password only the first time and enforce authenticator registration" (administrator operation).
-
Displays the logon screen.
The first time, you will need to enter the password for your Windows account.
-
Click "OK".
-
If the security key is not inserted into the USB port, insert it.
-
Operate the authenticator.
How to operate the authenticator
The operation of the authenticator depends on your device.
For fingerprint-type FIDO2 security key
Touch the device to read the fingerprint.
* If the fingerprint is not registered, the operation is the same as that of a PIN type security key.
For PIN-type FIDO2 security key
If a PIN has already been set, enter the PIN.
If the PIN has not been set, a screen for setting a PIN for the security key will appear.
For U2F security key
Touch the device to proceed with registration.
-
The security key is registered.