Using a U2F Hardware Token With Duo For 2FA

Users who do not have a cellphone or are unable to use the Duo mobile app to receive push notifications, can request a U2F (Universal 2nd Factor). A U2F Token is a piece of hardware (looks like a USB drive) that can clip on a keychain. When using Duo, instead of receiving a push notification, text message, or call, a user can plug in the U2F Token and tap the button on it to authenticate their login attempt.

U2F tokens are available at https://www.yubico.com/ and can be used for personal and business use.

When logging into an Emerson service or application that requires two factor authentication (more information on 2FA and Duo here: Duo, Single Sign-On, & Two Factor Authentication) for the first time you will be prompted to set up Duo.

      1. Click Start Setup.
      2. On the next screen, choose U2F Token and click Continue.
      3. When you get to the next page, make sure you have pop-ups enabled before clicking continue. To enable pop-ups in Google Chrome see, Block or Allow Pop-ups in Chrome.
      4. Click Continue to proceed with enrolling a U2F Token.
      5. A new window will prompt you to plug your U2F Token into an available USB port on your computer.

        Note

        There are USB A and USB C U2F Tokens available, please make sure you pick up one compatible with the ports on your computer.

        USB A and USB C ports side-by-side

      6. Upon plugging in your U2F Token, there should be a light that flashes on it. Tap where the light flashed.
      7. You should then see a window confirming that your U2F Token has been added.
      8. Click Continue to Login.
      9. Your U2F Token should flash again. Tap it once more to log in.

Note

If you receive an error message similar to the following, it is likely due to waiting too long to tap the U2F Token. Simply close the window and try logging in again.

error.PNG


Users can also use their U2F Tokens to authenticate or add an extra level of security to their personal accounts with any service that supports a FIDO U2F Security Key. For example, both Facebook and Google support users using a U2F Token to secure their accounts.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a ticket