MFA-How to Set up a Security Key for Multi-Factor Authentication
Prior to key set up the staff member receiving the key needs to be added to a FIDO2Pilot group. This can take up to 30 minutes to sync.
Please use Google Chrome for this process
Navigate to Users>search user>select user
On the left: select Authentication methods
Select “+ Add Authentication Method” under authentication methods
Select Temporary Access Pass from the drop down menu
Change minutes to 60 minutes if it isn’t already
Click Add
Write down the temporary access pass for the user since this is the only time it will be displayed
On the device:
Go to the portal>Applications>Microsoft Security Info (MFA)
Staff member will need to sign in and they may need to use the Temporary Access Password or a previously registered MFA method
Click Add Sign-in method
Select Security Key>select USB device>click Next on the screen to have your key ready
Click on Try another way under the QR code if it pops up
Progress through the next screens by clicking OK
When prompted insert the security key (gold side up) and touch the key to activate it when prompted
Staff member will need to create a PIN number (4+ digits - can’t be 0000)
Staff member will be prompted to tap the key on the sensor a couple of times (keys can be sensitive when activating the touch sensor)
Staff member will need to create a name for the security key and click Done
Delete the temporary access pass under the My Sign Ins area after the key is setup