Skip to main content

How to Use a YubiKey with Your Microsoft Account on a Windows Device

These instructions are intended for participants of the Microsoft Authenticator Pilot Program only. Before you can complete this process, you'll need to set up the Microsoft Authenticator app on your mobile phone.

After you set up passwordless login for your Microsoft account, you have the option to use a YubiKey for multifactor authentication.

Step 1: YubiKey Setup 

  1. On your computer, open a new incognito/private browser window and navigate to https://mysignins.microsoft.com/security-info. If prompted to use Cardinal Key, cancel the prompt.
  2. Enter your username in the following format: <your SUNetID>@stanford.edu.
  3. Complete the sign-in process - the steps may vary depending on your previously configured authentication methods.
  4. You should be taken directly to the Security info page for your UAT account. At the top of the list of sign-in methods, you should be able to select + Add sign-in method.
    add sign in method
     
  5. Choose the option for Security Key.
    choose option for security key
  6. Choose the option for USB device.
    choose option for USB
     
  7. Follow the prompts as they walk you through authenticating the YubiKey.
    follow prompts
  8. Within the Windows Security prompt, choose the option for Security key and select Next.
    selection security key option
  9. Verify that this request is coming from you and select OK.
    select ok
  10. You will see a warning that our Microsoft tenant will store a copy of the security key. Select Ok to continue the set up.
    select ok to continue
  11. Insert the YubiKey when prompted.
    Prompt to insert YubiKey
  12. If you have a PIN, you will be asked to unlock the YubiKey. Enter your PIN and select OK.
    Prompt to enter PIN
  13. It will then ask you to physically touch your security key.
    Prompt to touch security key
  14. Windows Security will confirm that the security key is set up for sign-ins to Microsoft.
    Confirmation security key is set up
     
  15. Give your security key a name that is easy to recognize.
    enter name of security key
     
  16. Microsoft will confirm the addition of your security key and you should see it in the list of sign-in methods.
    Key name appears on list of sign in methods
     

Step 2: YubiKey login from a Windows device

  1. On your computer, open a new incognito/private browser session and go to https://outlook.office365.com. If your browser attempts to use Cardinal Key, cancel out of it.
  2. Enter your username as <your SUNetID>@stanford.edu.
  3. You’ll likely be prompted with the two digit code used in the Passwordess method. Choose Sign in another way.
    shows sign in another way
     
  4. Select Face, fingerprint, PIN or security key.
    Select Face, fingerprint, PIN or security key

     
  5. Select Security key.

     
  6. Insert and authenticate your YubiKey.
  7. After physically touching the YubiKey, you should be put directly into Outlook.
     
Last modified