You can also use a FIDO2 key as a security token.

If you do not have a smartphone available, a FIDO2 key is a good option if you want to log in on a device that is not your own.
You can also use a FIDO2 key as a security token in the BOKU-IT PC rooms.

A PIN code must be set for the FIDO2 key during setup. Please memorize this PIN code.

 

Set up FIDO2 key as security token

Go to the Keycloak account management and log in with your familiar BOKU credentials:

Click on 'Signing in'

Click on 'Set up security token':

Click on 'Register':

Now set a PIN code for this FIDO2 key.
Important: Make sure you remember this PIN!
You will need this PIN code every time you want to use the FIDO key as a second factor for logging in.

Der FIDO2-Key beginnt nun zu blinken.
Tippen Sie auf die blinkende Stelle. Das ist erforderlich, um sicherzustellen, dass Sie physisch beim Gerät anwesend sind. Es wird hier KEIN Fingerabruck verarbeitet.

Important: Now enter a meaningful name for the security token you have set up.
Even after a long period of time, you should be able to clearly recognize which device it is based on the name.

This security token is now listed in Keycloak.

Frequently Asked Questions, FAQ

What does FIDO2 mean?

The acronym FIDO stands for "Fast IDentity Online". Weitere Informationen zu FIDO2 finden Sie unter: https://en.wikipedia.org/wiki/FIDO_Alliance 

Do I need to buy a FIDO2 key now?

No, you usually will not need a FIDO2 key.

Windows Hello or macOS Touch ID will be the preferred login method on your work devices.

We recommend an authenticator app on your smartphone for logging in to new PCs.

If you often log in to BOKU IT services on external PCs (e.g. in PC rooms) and do not want to use an authenticator app on your smartphone, a FIDO2 key may be useful for you.