This document explains how to use the Yubikey Neo. The Yubikey Neo is a hardware token, used for two-factor authentication, which is U2F compliant, so it can be used as a 2-factor device for your Gmail / Google account. Using a “Security Key” is only supported in Google Chrome.
If you want to configure the FIDO U2F key by Yubico, skip the “Configure the Neo” part. The other steps are identical.
Google will require you to connect your phone by default. You can choose to just setup the Security Key, or also enable the authentication app. When you enable both, Google will first ask for your Security Key and offer the app as a back-up (E.G in other browsers)
- Two-factor authentication via your app must be enabled
- When using a Yubikey Neo: You must download and install the NEO Manager (which is a separate tool from the Yubikey Personalization tool
You can download the NEO Manager here:
- NEO Manager for Windows: http://yubi.co/NEOMgrWin
- NEO Manager for OSX: http://yubi.co/NEOMgrMac
- NEO Manager for Linux: http://yubi.co/NEOMrgLux
2. Configure the NEO
Once you’ve installed the NEO Manager, open the application.
To configure your NEO to support U2F (used by Google), click “Change connection mode (OTP)
When you enable U2F you will still be able to use the OTP functionality of your NEO e.g for logging into your websites.
- Check the U2F box.
- Click “Ok”
- You will be prompted to remove your Yubikey NEO. Remove the Yubikey now.
3. Configure your account
Login to your Google account. Open your “profile” in the top right, and click “Account”
- Go to the “Security” tab in your profile
- Click “Settings” next to 2-step verification. 2-factor authentication needs to be enabled to be able to continue.
Open the “Security Keys” tab, and click “Add security key”
4. Adding the key
- Make sure the Yubikey isn’t plugged in yet.
- Click the register button, then plug in the Yubikey NEO.
- Touch the gold disk to send the code, until you get the “Registered” confirmation.
- Click “Done”
5. Using the key
When you try to access your Google account, Google might ask for your Security Key. Plugin the Yubikey Neo, and touch the gold disk to send the code, after which you will be logged in. You’re now using 2-factor authentication!
Download this tutorial
You can download the PDF of this tutorial here, courtisy of @socroto and @toralko