We’ve received a bunch of questions about YuibKey two factor authentication, so we’re going to summarize them here.
How can I add a YubiKey to my account?
Email firstname.lastname@example.org with your account name and your 12 character key IDs. Online management is in development. Once keys are associated to your account you won’t be able to log in to the account control center without providing the OTP at login time.
Do you support multiple keys?
Yes. In the current test phase we’re only supporting two keys per account: primary and secondary. We plan to allow an arbitrary number of YubiKeys to be associated with an account and support both OTP and U2F.
How do I recover access if my key is lost?
We encourage a backup key (or two) for safekeeping in case the primary is lost, stolen, or damaged. Most people will carry their primary key with them on a daily basis. The backup key(s) should be kept in a safe, secure, or trusted location. We don’t like the idea of disabling the second factor to “recover” access because doing so defeats its purpose if it can be easily turned off.
Are you going to support Google Authenticator?
We’re also looking at support for Google Authenticator (TOTP) and Authy as other methods, but for now we’re focusing on YubiKey since we use them internally at our office.