×
Community Blog Enabling U2F Security Keys on Alibaba Cloud

Enabling U2F Security Keys on Alibaba Cloud

This article describes how to enable multi-factor authentication U2F Security Keys on Alibaba Cloud.

By Pablo Puig

What Are the U2F Security Keys?

Universal 2nd Factor (U2F) security keys are a type of multi-factor authentication (MFA) device that you can use to protect and secure your resources when using an Alibaba Cloud Resource Access Management (RAM) user. U2F is a widely accepted MFA protocol that provides an efficient and universal MFA method.

One of the main differences between U2F and hardware MFA is that with U2F, you need to plug your U2F security key into a USB port on your computer and tap it when prompted to complete the sign-in process securely. You don't need to introduce any code or password.

Note : You can enable only one type of MFA device for a RAM user at the same time. Therefore, you have to choose whether you prefer to use a Virtual device or a U2F device.

How Can You Enable U2F Security Keys?

The following step-by-step guide explains how to enable U2F security keys on Alibaba Cloud. In this tutorial, we used Yubikey 5c produced by Yubico as the U2F Security Key.

  • Step 1: Log in to your Alibaba Cloud account and go to the RAM console. On the left-side navigation pane, select Identities and click on Users.

Note: You need to use your Alibaba Cloud account or a RAM user that has administrative rights.

1

  • Step 2: In the User Logon Name/Display Name column, click the username of the RAM user for which you want to enable a U2F security key.

2

  • Step 3: On the page that appears, click the Authentication tab. Then, click the U2F Security Key tab.

3

  • Step 4: Click Enable U2F Security Key

4

  • Step 5: On the Bind U2F Security Key page, bind the RAM user to the U2F Security Key. Then, plug the U2F Security Key into the USB port on your computer and tap the U2F Security Key button.

5

  • Step 6: Click OK on the message that prompts you to obtain the U2F Security Key

6

  • Step 7: Click Confirm Bind on the message indicating that the U2F Security Key is obtained

7

  • Step 8: After successful binding, the device status should be displayed as Enabled.

8

After you enable the U2F Security Key and use the RAM user to log on to the Alibaba Cloud Management Console again, the console prompts you to perform the following operations:

  • Step 1: Enter the username and password of the RAM user

9
10

  • Step 2: Bind the U2F Security Key

11

  • Step 3: Once the U2F Security Key is obtained, click Verify, and it will redirect you to the Alibaba Cloud Management Console.

12

How Can You Disable U2F Security Keys?

If you want to disable the U2F Security Key, follow the steps below:

  • Step 1: Log in to your Alibaba Cloud account and go to the RAM console. On the left-side navigation pane, select Identities and click on Users. Select the user for which you want to disable the U2F Security Key, navigate to the Authentication tab, click the U2F Security Key tab, and then click on Disable the U2F Security Key.

13

  • Step 2: Click OK on the message that prompts you to accept disabling the U2F Security Key

14

  • Step 3: After successful unbinding, the device status should be displayed as Disabled.

15

Conclusion

This article explained U2F Security Keys and how to enable and disable them.

0 0 0
Share on

Alibaba Cloud Community

37 posts | 3 followers

You may also like

Comments