Posteo Help Help categories Article

This article is tagged with: Two-factor authenticationPassword and security

How can I use a YubiKey for two-factor authentication with Posteo?

Contents

  1. Setting up with Windows
  2. Setting up with Mac OS

Setting up and using a YubiKey with Microsoft Windows

You will need:

  • A Posteo account
  • The YubiKey TOTP help program for Windows
  • The secret key
  • A YubiKey

Note: The current version of the YubiKey TOTP help program (as of 11/03/2015) does not support U2F enabled YubiKeys (i.e. YubiKey Plus, Fido U2F Security Key). Take this into account when choosing your YubiKey.

Step 1: Setting up the YubiKey

  1. First, insert the YubiKey into a USB slot on your computer.
  2. Download the required YubiKey TOTP help program from the provider’s website.
  3. Open the program. In the system tray, the program symbol should now appear. Right-click the symbol, and choose “Show configuration window”.
    YubiKey Windows 1
  4. In the following window, select the free configuration slot for your YubiKey – “Use config 1" or “Use config 2”. (We recommend using configuration slot 2, which is usually free.)
  5. If no configuration slot is free, you will need to delete a slot first using the YubiKey Personalization Tool.
  6. In the next step, set the program to “6 digit TOTP”. Remove the tick next to “Use token identifier” and “Append Enter last” (if it is there).

YubiKey Windows 2

  1. Copy the “secret key” to the clipboard – either from the webmail interface settings or from where you have securely saved it.
  2. Click “Check”. You will then be asked, “Configuration 1/2 available to be programmed Use this?”
  3. If the number shown is your free configuration slot, click “Yes”.
  4. If not, click “No”. The other configuration slot will then be suggested to you. Click “Yes”.
  5. The entry field will now be activated. Paste the “secret key”, which you had previously copied.
  6. You will then be asked, “Program slot 1/2 with the supplied secret?” If the number shown is that of your free configuration slot, click “OK”.

Your Yubikey is now configured for Posteo two-factor authentication.

Step 2: Using the YubiKey

  1. First, insert the YubiKey into a free USB slot on your computer.
  2. Open the YubiKey TOTP help program (for installation instructions, see step 1). In the system tray, the program symbol should now appear. Right-click the symbol, and choose “Show configuration window”.
  3. Choose the configuration slot in which the secret key for your Posteo account is set up. (If you do not make any changes to the slots, this step only needs to be completed once.)
  4. Open the Posteo website. Log in to your account.
  5. When asked for your one-time password, right-click the help program symbol in the info section. Choose “Generate TOTP”.
  6. The one-time password will now be generated and shown on our website in the corresponding field. Click “Confirm” to complete the login process.

Setting up and using a YubiKey with Apple Mac OS X

You will need:

  • A Posteo account

  • A help program (requires purchase) 

  • The secret key
  • A YubiKey

Note: The current version of the YubiKey TOTP help program (as of 11/03/2015) does not support U2F enabled YubiKeys (i.e. YubiKey Plus). Take this into account when choosing your YubiKey.

Step 1: Setting up the YubiKey

  1. First, insert the YubiKey into a free USB slot on your computer.
  2. Obtain and install the Yubico Authenticator" software from the developer’s website.
  3. After installing, open the program.
  4. Click the “Y” symbol in the menu list and select “Preferences”.

YubiKey OSX 1

  1. Go to the “YubiKey Personalization” section.
  2. Select the free key slot (HMAC slot) for your YubiKey. (We recommend using configuration slot 2, which is usually free.)
  3. If no configuration slot is free, you will need to delete a slot first using the YubiKey Personalization Tool.
  4. Set the key type to “Base32”.

Now copy the secret key to the clipboard – either from the webmail interface settings or from where you have securely saved it.

Paste it into the “Key” field.

YubiKey OSX 3

Click “Write Config to YubiKey”.

Your Yubikey is now configured for Posteo two-factor authentication.

Step 2: Using the YubiKey

  1. First, insert the YubiKey into a free USB slot on your computer.
  2. Open the “OneTime for YubiKey” program, (for installation instructions, see step 1).
  3. Click the “Y” symbol in the menu list and select “Preferences”.
  4. Go to the “Preferences” section.
  5. Choose the configuration slot (HMAC slot) in which the secret key for your Posteo account is set up. (If you do not make any changes to the slots, this step only needs to be completed once.)
  6. Open the Posteo website and log in. When asked for your one-time password, click the “Y” symbol for the “OneTime for YubiKey” help program from the menu list and select “Insert OTP”.

YubiKey OSX 2

The one-time password should now appear in the corresponding field on the website and be automatically confirmed.