These instructions explain how to enable and use YubiKeys with your Microsoft 365 account.

This allows you to sign in without a username/password. Instead just use your YubiKey and a PIN - whether that is for the Microsoft 365 portal or access to your laptop/computer.

Before you begin

Setting up your YubiKey is really easy, but there’s a couple of simple things to check before you start.

  • Use a modern browser for the setup. Microsoft Edge is our recommended browser for this.

  • Use your company laptop/device for setting up the key. It needs to be one where you sign in to the device using your Microsoft 365 account already.

Register a YubiKey to your Account

View your accounts security information

  1. Open a browser window (using a modern browser like Microsoft Edge mentioned above) and navigate to https://myprofile.microsoft.com.

  2. You may be prompted with an account selection or Sign In window. Select your company account.

  3. Enter your password and complete the multifactor authentication steps if prompted.

  4. From the Security info box follow the Update info link.

Add a YubiKey as a Security method

  1. From the top of the table select Add method.

  2. Note: You must already have a method registered here before registering a YubiKey. It’s almost certain that you will have this as part of your initial account set up to meet the requirement for multifactor authentication to be enabled.

  3. From the drop-down menu, select Security key and then click the Add button.

  4. Depending on the type of key you have, you need to select the appropriate connection method. Select USB if you will be plugging the YubiKey into your device (typical), or NFC if you will be placing your YubiKey on a NFC reader (for example, the one embedded in most mobile phones).
    Note: This process is just for registration. Once complete you can use either method for signing in.

  5. Select Next to start the registration process.

  6. If prompted, click Continue or OK in the browser prompt to acknowledge that a record of you visiting microsoft.com will be recorded on your YubiKey. This information is only readable by you and Microsoft, no other services will be able to read this information.

  7. Insert your YubiKey into the USB port or place it on the NFC reader.

  8. Create a PIN code for the YubiKey. This PIN code only applies to the YubiKey and is not transmitted to Microsoft or anywhere else.

  9. Tap the flashing sensor on your YubiKey or tap it on the NFC reader when prompted to continue.

  10. If prompted, click Allow to send Microsoft the model of the YubiKey used. There is no personally identifiable information sent.

  11. Type a unique name for your YubiKey, then select Next. Make the name meaningful to you, but unique. Typically this will be something like “YubiKey 5 NFC”.
    If you ever lose the key, it’s this name that will identify it so it can be removed from your account.

  12. Select Done to complete the registration process.