Home and Settings

For desktop and Android devices, general app and key settings are managed primarily through the Home page. Features include:

• changing a YubiKey’s label and color in the app
• toggling YubiKey applications on/off (desktop only)
• changing the app theme
• toggling between multiple connected keys (desktop only)
• performing a factory reset of a YubiKey application

There are also mobile-specific settings for both Android and iOS/iPadOS.

The Home page: YubiKey at a glance

Note

The Home feature is available for Yubico Authenticator for Desktop and Android only.

The Home page displays a wealth of important information about the connected YubiKey, including:

• YubiKey model (e.g. YubiKey 5 NFC).
• Custom label (if one was created).
• Serial number.
• Firmware version.
• Enabled applications for current connection type (USB or NFC). Applications include Yubico OTP, PIV, OATH, OpenPGP, FIDO U2F, and FIDO2, depending on your YubiKey.

To view the Home page, plug your YubiKey into your device, click the menu icon in the upper left corner of the app, and select Home.

To connect via NFC on desktop, click the NFC icon in Yubico Authenticator and place your YubiKey on top of a desktop NFC reader. The key must maintain constant contact with the reader throughout the operation. To connect via NFC on Android, tap your YubiKey on the back of your device to scan.

Switching between keys

Note

Toggling between multiple connected YubiKeys is available on Yubico Authenticator for Desktop only.

Yubico Authenticator for Desktop allows you to interact with multiple connected YubiKeys (only one key can be connected over NFC, but USB connections are not limited). When performing operations in Yubico Authenticator, changes can only be applied to one key at a time.

If you have more than one YubiKey connected to your desktop device, you can toggle between them by selecting a key underneath the menu icon in the upper left corner of the app. Any YubiKey changes made via the Home, Accounts, Passkeys, Fingerprints, Certificates, and Slots pages will apply to the selected key only.

Change a YubiKey’s label and color

Note

YubiKey labels and colors can be changed on Yubico Authenticator for Desktop and Android only.

By default, connected YubiKeys are labeled with their model name on the Home page and the left menu bar. They also have a default color scheme within the app (green on desktop, purple on Android).

To assist with managing multiple keys, key labels and colors can be customized. When a custom label is created, the key’s model name is moved into parentheses after the custom text. These changes persist on the device they are initiated on; if a key is unplugged and then reconnected, the label and color will reflect whatever was previously configured. If multiple keys with different colors are connected to your desktop device, switching between them will change the app’s color scheme.

The label and color information is stored in the app itself, not on the YubiKey. If you toggle these settings for a key on Device A and then connect the key to Device B, you will not see the label/color changes in the app on Device B.

To change a label or color for a particular YubiKey, do the following:

1. Plug your YubiKey into your device, click the menu icon in the upper left corner of the app, and select Home.

   To connect via NFC on desktop, click the NFC icon in Yubico Authenticator and place your YubiKey on top of a desktop NFC reader. The key must maintain constant contact with the reader throughout the operation.

   To connect via NFC on Android, tap your YubiKey on the back of your device to scan.

2. To change the color, click the Color drop-down menu and select a new color.

3. To change the label, click the pencil icon next to the key’s model name. Enter a new name for your key and click Save.

Toggle YubiKey applications on/off

Note

The Toggle applications feature is available on Yubico Authenticator for Desktop only.

The YubiKey applications, which include Yubico OTP, PIV, OATH, OpenPGP, FIDO U2F, and FIDO2, can be enabled or disabled for both USB and NFC connections. If an application is disabled, that application will no longer interact with connected devices over the indicated connection type.

For example, if the Yubico OTP application is disabled over USB, the key will no longer emit a Yubico OTP (if a slot is configured with one) when the key is connected to a device over USB and touched.

Note

Enabling/disabling an application does not reset the application; all credentials and settings are preserved.

To enable/disable an application, do the following:

1. Plug your YubiKey into your device, click the menu icon in the upper left corner of the app, and select Home.

   To connect via NFC on desktop, click the NFC icon in Yubico Authenticator and place your YubiKey on top of a desktop NFC reader. The key must maintain constant contact with the reader throughout the operation.

2. Click Toggle applications under Device. To find the Device menu in a narrow app window, click the three dots in the upper right corner.

3. To enable an application, click on it until it shows a check mark. To disable an application, click on it until the check mark disappears. When you are done, click Save.

Change the Authenticator theme

Note

The app theme can be changed on Yubico Authenticator for Desktop and Android only.

Yubico Authenticator for Desktop and Android have three themes available: default, light, and dark. The color of the default theme is dependent on your system settings.

To change the theme, do the following:

1. Open Yubico Authenticator, click the menu icon in the upper left corner of the app, and select Home.

2. Click Settings under Application. In the Settings window, click Application theme and select a new theme.

   To find the Application menu in a narrow app window, click the three dots in the upper right corner of the app.

Android settings

There are several settings that are unique to Yubico Authenticator for Android. These include:

• NFC tap behavior
• Touch requirement with NFC
• NFC sounds
• USB connectivity

Note

Android NFC settings are only visible in the Yubico Authenticator app on devices that support NFC.

To toggle these settings, open Yubico Authenticator, click the menu icon in the upper left corner of the app, and select Home. Click the three dots in the upper right corner of the app and select Settings under Application.

NFC tap behavior

Yubico Authenticator can be configured to do one of the following when a YubiKey is tapped against the Android device’s NFC reader:

• Launch Yubico Authenticator
• Generate a Yubico OTP and copy it to clipboard
• Launch Yubico Authenticator, generate a Yubico OTP, and copy it to clipboard
• Nothing

By default, Launch Yubico Authenticator is selected. To toggle this setting, click On YubiKey NFC tap under NFC options.

Touch requirement with NFC

When an OATH account is added to a YubiKey, it can be configured to “require touch” in order to generate an OTP. For NFC connections, this means tapping the YubiKey against the device’s NFC reader at least twice: once to display the OATH accounts and again to generate and display the OTP for a particular account.

However, on Android, this touch requirement can be bypassed so that OTPs are generated and displayed for all TOTP OATH accounts on the initial NFC tap. To do so, toggle on Bypass touch requirement under NFC options.

NFC sounds

By default, Android devices with volume on will emit a sound whenever a YubiKey is scanned by the NFC reader. To turn this sound off, click the toggle next to Silence NFC sounds.

USB connectivity

By default, Yubico Authenticator does not automatically launch when a YubiKey is connected to an Android device over USB.

To change this so that Yubico Authenticator launches automatically, toggle on Launch when YubiKey is connected under USB options. Note that this prevents other apps from using the YubiKey when connected over USB.

iOS/iPadOS settings

There are several settings that are unique to Yubico Authenticator for iOS/iPadOS. These include:

• NFC reader initiation after opening the app
• Touch requirement with NFC
• Clipboard settings for copying Yubico OTPs
• NFC reader initiation after generating a Yubico OTP
• Yubico OTP generation

YubiKey overview

To get an overview of a YubiKey connected to an iOS/iPadOS device, click the three dots in the upper right corner and select Configuration.

The Configuration screen displays the key’s model name, firmware version, and serial number.

Initiate NFC at application start

By default, to connect to a YubiKey over NFC on iOS/iPadOS, you must swipe down on the screen to initiate the NFC reader prior to scanning the key. To automatically trigger the NFC reader when the application is launched (as in, the app will prompt you to scan your key without having to swipe down on the screen first), do the following:

1. Click the three dots in the upper right corner and select Configuration.
2. Click NFC settings.
3. On the NFC settings page, toggle on Initiate NFC at application start.

Touch requirement

When an OATH account is added to a YubiKey, it can be configured to “require touch” in order to generate an OTP. For NFC connections, this means tapping the YubiKey against the device’s NFC reader at least twice: once to display the OATH accounts and again to generate and display the OTP for a particular account.

However, on iOS/iPadOS, this touch requirement can be bypassed so that OTPs are generated and displayed for all TOTP OATH accounts on the initial NFC tap. To do so, do the following:

1. Click the three dots in the upper right corner and select Configuration.
2. Click NFC settings.
3. On the NFC settings page, toggle on Bypass touch requirement.

Copy Yubico OTP to clipboard

When a YubiKey is held next to an iOS/iPadOS device’s NFC reader (whether the Authenticator app is open or not), the key will generate a Yubico OTP (if a slot is configured), and the device will prompt you to open Yubico Authenticator, where the OTP will be displayed. Clicking on the OTP will copy it to the clipboard.

To copy the OTP to the clipboard automatically after opening Yubico Authenticator, do the following:

1. Click the three dots in the upper right corner and select Configuration.
2. Click NFC settings.
3. On the NFC settings page, toggle on Copy OTP to clipboard.

Activate NFC on OTP tag read

When a YubiKey is held next to an iOS/iPadOS device’s NFC reader (whether the Authenticator app is open or not), the key will generate a Yubico OTP (if a slot is configured), and the device will prompt you to open Yubico Authenticator, where the OTP will be displayed. The app can also be configured to launch the NFC reader once the app is opened in this scenario. Once the key is scanned, the OATH accounts are displayed along with the Yubico OTP.

This is set to “On” by default. To toggle this setting off, do the following:

1. Click the three dots in the upper right corner and select Configuration.
2. Click NFC settings.
3. On the NFC settings page, toggle off Activate NFC on OTP tag read.

Toggle Yubico OTPs

By default, YubiKeys will generate a Yubico OTP (if a slot is configured) when the key is touched or scanned with an NFC reader. To turn off this setting, do the following:

1. Click the three dots in the upper right corner and select Configuration.
2. On the Configuration page, select Toggle One-Time Password.
3. If connecting over NFC, scan your key when prompted. Otherwise, plug in your key.
4. Click the toggle next to One-Time Password. If connecting over NFC, scan your key when prompted to complete the operation.

Important

This toggle changes a setting on the YubiKey itself, not the app. If you toggle this setting off, the YubiKey will not emit an OTP when touched or scanned on ANY device. Also, if you toggle this setting off while connected over NFC, it will only prevent OTPs from being generated and submitted over NFC; touching the key when connected over USB or Lighting will still generate an OTP. Similarly, if you toggle this setting off when the key is plugged into your device, it will only prevent OTPs from being generated and submitted over USB/Lighting; scanning the key with an NFC reader will still generate an OTP.