Body
Overview
WebAuthn tokens are physical hardware devices which can be used to complete multifactor authentication (MFA) and usually connect to your computer via a USB port but some use Bluetooth or NFC. Common WebAuthn tokens include those from Yubico (YubiKey), Fetian, and Google Titan.
Note: it is also possible to use "Platform Authenticators" in place a physical security key. Information on enrolling Platform Authenticators, like Touch ID or Windows Hello, is available here: https://guide.duo.com/universal-prompt#platform-authenticators
Yubico YubiKeys are recommended and a comparison of products can be found here: https://www.yubico.com/store/compare/
The "Security Key Series" is the least expensive and provides the minimum functionality for use with Duo. It will work in most cases but will not work with the VPN and some other uncommon scenarios.
A guide from Duo for enrolling Security Keys with the Duo Universal Prompt is available here: https://guide.duo.com/universal-prompt#add-security-key
Step 1
Open one of Chrome, Firefox, Safari, or the new Microsoft Edge browser and navigate to https://help.uidaho.edu/duo. If you are already logged in to MyUI or OWA, you likely won't have to enter your username and password and can skip to Step 2. If you are prompted for username and password, follow these steps:
Step A
Enter your username if prompted.
Step B
Enter your password if prompted.
Step C
Complete Duo authentication using one of your current methods.
Step 2
Complete Duo authentication. Note you will be prompted for Duo at this point even if you just did Duo in step 1.
Step 3
Click "Add another device".
Step 4
Select "Security Key" and click "Continue".
Step 5
Click "Continue".
Step 6
Plug your WebAuthn/U2F token into your computer if you haven't already.
Step 7
Tap the key when prompted:
Note if you are using a Safeguard encrypted computer you may see a prompt for username and password. To get around this, click "More Choices" and then the person silhouette icon. Once you do this you should see the "Touch your security key" prompt shown above.
Step 8
The token has been added to your account and shows in the list of options.