YubiKey MFA Login as a User

YubiKey MFA: how to login to Privileged Access Management as a User.

The experience for users who must use YubiKey multi-factor authentication (MFA) to login is slightly different than the traditional style of username and password entry that they are probably accustomed to.

Although not drastically different, the following procedure must be performed by every user whose account is configured to require YubiKey MFA in Access Manager.

 

In order to use YubiKey MFA, you will need access to your physical YubiKey device. The following procedure has been tested with both YubiKey version 4 and 5 devices.

1. Open your browser to the Privileged Access Management’s login page.
2. Enter your username and password into their login fields and click Login when ready to continue. If you are unsure of your login, try your default network login. If that does not work, please contact your PAMadministrator for further assistance.



3. After clicking Login, a new page in your browser will display the beginning of your YubiKey registration process. This is a one-time registration process and you will not be required to perform this step again after your YubiKey is registered. Click your mouse cursor to the Token field and then touch your YubiKey. YubiKey should automatically populate the token value and advance to the next step. If it does not advance, click the Register button to continue.

   

4. After your YubiKey is registered, this next screen will authenticate you into Privileged Access Management. Click your mouse cursor to the Password field and then touch your YubiKey. YubiKey should automatically populate the one time password value and log you into Privileged Access Management. If it does not log you in, click the Login button to continue.

   

5. You are now logged into the PAM.

   

For subsequent logins, you will not need to re-register your YubiKey device, but you will be required to use your YubiKey device in order to login with its one time password (OTP).