U2F Security Key - FIDO 1.0 (MFA)

End users use a U2F compliant security key to sign into Okta. Examples of supported U2F security keys include a YubiKey or Titan Security Key.

U2F is supported only for Chrome and Firefox browsers.

If your policy allows for optional factors, end users can change to a different factor through the Okta Settings page, under Extra Verification.

Info

Note

The U2F security key is not compatible with RADIUS-enabled implementations.

Configure a U2F Security Key

The first time users sign into their org after you configure this factor, they see the Set up multifactor authentication page and must perform the following steps:

  1. Click the Setup button.
  2. Go through the prompts to register the security key and set it up.
  3. Once completed, click the Done button.

The next time your users sign in, they are shown a panel with instructions for signing in via their security key.

If your policy allows for optional factors, end users can change to a different factor through the Okta Settings page, under Extra Verification.