Customized Support is coming! Participate in the Ory Open Source Support Survey for Self-Hosted Users

Multi-factor authentication ensures that your Ory Network account is secured even if your credentials have been compromised.

The Ory Network currently offers two second factors to choose from:

  • Authenticator App
  • Hardware Token

An Authenticator App is an application on e.g. your mobile device that generates a time-based one-time-password (TOTP); generally a six digit code that is valid for ~60 seconds.

A Hardware Token is a physical device that stores cryptographic keys to generate one-time passwords (other methods of authentication are also supported by hardware tokens).

Multi-factor authentication for the Ory Network leverages the FIDO2 open authentication standards which include both WebAuthentication (web APIs for passwordless authentication in browsers) and CTAP protocols.

In this guide we are going to add a Hardware Token "Yubikey" to our Ory Network account in 3 easy steps.

Hardware tokens come in many different sizes & shapes. One of the most widespread is the Yubico Yubikey. I am going to use the Yubikey 5 with a USB-C connector in this guide, but it will work just the same with other models.

Adding Yubikey to the Ory Network

For this guide you just need your Ory Network account and have the Yubikey or other hardware token on hand.

  1. Log into & open the settings page.
  2. Type the name of your security key.
    In my case it is Yubikey, but you can name your security key whatever you feel like.
  3. Hit "Add Security Key" and connect your Yubikey.
    Plug in your Yubikey and when you see the symbol blinking with a green light, touch it to activate the Yubikey.

That is it, we are done! 🥳

See also this video going over the individual steps:

Your Ory Network project is now protected with the Hardware Token "Yubikey".

When you login the next time, you will use your credentials/social login as before.

Then you get a prompt to Please complete the second authentication challenge.

Connect the Yubikey and press the Use Security Key button. Now your Yubikey blinks with a green light. Touch it to activate and complete your authentication.

If you haven't already, sign up for a free account at Ory Network!

Never miss an article - Subscribe to our newsletter!