1.15 U2F

HINT:You must install Advanced Authentication Device Service for all browsers except Google Chrome. It contains a built-in module.

To enroll a FIDO U2F authenticator click the U2F icon.

Then follow the steps below:

  1. You see a message Press button "Save" to begin enrolling.

  2. You may enter a comment in Comment field. It should be a text like YubiKey token.

  3. Select the required category from the Category list.

  4. Ensure that your FIDO U2F token is properly connected to the machine.

  5. Click Save button. You will see a message Please touch the flashing U2F device now. You may be prompted to allow the site permissions to access your security keys.

  6. Look at the FIDO U2F token. If it's flashing, press a FIDO U2F button. You will see a message Authenticator "U2F" enrolled. If it doesn't flash wait 10 seconds, if it still doesn't flash then reconnect your token and repeat the steps.

HINT:If you see a message Cannot reach local FIDO U2F Service. Ask your admin to enable it. You may use Google Chrome browser, it has a built-in U2F support ensure that you have the FIDO U2F Service installed.

If you see a message Timeout. Press "Save" to start again click Save again.

If a message Enroll failed: Device not attested. Ask your administrator to upload your token attestation certificate is displayed, contact your administrator to add your token attestation certificate.

To test the authenticator follow the next steps:

  1. Click the U2F icon in the Enrolled methods section.

  2. Click Test button. You will see a message Please touch the flashing U2F device now. You may be prompted to allow the site permissions to access your security keys.

  3. Press a FIDO U2F button. You will see a message Authenticator "U2F" passed the test. If the provided card is invalid you will see a message Token is not registered.