Security Key: A New Option for Two-Step Authentication
A new device type – security key – can now be purchased and used as an option to log in when two-step authentication is required.
A push notification delivered to your phone via the Duo Mobile app is still the university’s recommended authentication method. But a security key provides stronger protection than a phone call or SMS-text option. It is also more resistant to phishing attacks than passcodes generated by existing hardware tokens — including a previously-assigned Yubikey.
What is a security key?
A security key is a hardware-based device that plugs into a computer to simplify two-step authentication. When prompted to authenticate, you simply tap the physical key. There’s no need to use your smartphone, and the same security key can be used on multiple devices.
Get started with a security key
- If you want to use a security key, you’ll need to purchase one. You can purchase a Yubikey security key directly from the manufacturer with a 20% educational discount.
- Any Yubikey 4 Series, Yubikey 5 Series, or Security Key Series Yubikey can be self-enrolled as a Stanford two-step authentication compatible security key. Follow these instructions to self-enroll your security key via the Stanford accounts webpage.
- For more information on ordering and using a security key, visit How to Use a Security Key for Two-Step Authentication.
- Review options for two-step authentication at Stanford.