ESET Secure Authentication version 2.3.0 and later support authentication using YubiKey hard tokens. Hard tokens can be imported into ESET Secure Authentication using the PSKC file format. The following YubiKey devices have been certified for use with ESET Secure Authentication:
- YubiKey Neo & Neo-N (https://www.yubico.com/products/yubikey-hardware/yubikey-neo/)
- YubiKey Standard & Nano (https://www.yubico.com/products/yubikey-hardware/yubikey-2/)
A YubiKey device must first be configured before it can be used with ESET Secure Authentication. Use the YubiKey Personalization Tool (https://www.yubico.com/support/knowledge-base/categories/articles/yubikey-personalization-tools/) to program your secret key and export the configuration file. To do so, follow the steps below:
- Launch the YubiKey Personalization Tool and insert the YubiKey into a USB port.
- Click the Settings tab.
- Select Log configuration output under Logging Settings and then select PSKC format from the drop-down menu.
- Click the OATH-HOTP tab and then click Quick.
- Select Configuration Slot 1.
- Deselect OATH Token Identifier (6 bytes) under OATH-HOTP Parameters (auto generated).
- Click Write Configuration under Actions and save the log file.
- Close the YubiKey Personalization Tool before attempting to use the log file. The log file will not be saved correctly if the tool is not closed. If the data in this file is compromised, ESET Secure Authentication will not be able to fully secure your information.
- Copy the log file on to your server where ESET Secure Authentication Management Tools are installed and import it as detailed in the ESET Secure Authentication Product Manual (http://download.eset.com/manuals/eset_esa_product_manual_enu.pdf).
- Delete the PSKC file after you successfully import it to your server.