Using YubiKey devices from YubiCo (www.yubico.com) we can program a SoftToken onto their small and easy-to-use form factor. There are a couple of things to take note of as you set up your YubiKey.
First of all, in order to program a YubiKey you must have the AuthAnvil YubiKey Programmer installed. There are two separate programmers.
The Yubikey Standard programmer can be found here.
The Yubikey 4/Neo programmer can be found here.
After downloading the programmer to your Windows machine you can use the values from your enrollment email to activate and program a YubiKey that is plugged in to the USB slot of your machine.
Note: During the setup and activation of your YubiKey SoftToken you will encounter several "serial number" prompts. These will always refer to your SoftToken serial number, not the serial number on your physical YubiKey. In fact, AuthAnvil never knows what kind of device you are using when you activate a SoftToken.
Note: You can find your SoftToken serial number in the SoftToken Enrollment Email sent by your AuthAnvil administrator.
One thing many people do not know is that YubiKeys have 2 different values programmed into them:
- The first value is sent just by tapping the YubiKey briefly, less than 1 second. This is the One Time Password that is generated, just like a normal token would display on its screen. An OTP is an 8-digit number that will change every time you press the YubiKey button to generate a new one.
- The second value is the SoftToken serial number, which we have programmed onto the YubiKey in order to identify which SoftToken is which.
To type the serial number of the token simply hold the button down for 3+ seconds and then let go. SoftToken Serial Numbers are 9-digit numbers starting with 542****** but this slot may be programmed with a full 16-digit key for use with software like BitLocker. Only the first 9 digits are the SoftToken serial.