Case Study
OpenAI leverages Ory to support over 400M weekly active users
Ory Homepage

How to secure your Ory Network account with Yubikey

Multi-factor authentication for the Ory Network leverages the FIDO2 open authentication standards. In this guide we are going to add a Yubikey to our Ory Network account in 3 easy steps. The Ory Network currently offers two second factors to choose from: TOTP & Hardware Tokens.

Picture of Vincent Kraus
Vincent Kraus

Developer Advocate

Guide
Jan 26, 2022

Multi-factor authentication ensures that your Ory Network account is secured even if your credentials have been compromised.

The Ory Network currently offers two second factors to choose from:

  • Authenticator App
  • Hardware Token

An Authenticator App is an application on e.g. your mobile device that generates a time-based one-time-password (TOTP); generally a six digit code that is valid for ~60 seconds.

A Hardware Token is a physical device that stores cryptographic keys to generate one-time passwords (other methods of authentication are also supported by hardware tokens).

Multi-factor authentication for the Ory Network leverages the FIDO2 open authentication standards which include both WebAuthentication (web APIs for passwordless authentication in browsers) and CTAP protocols.

In this guide we are going to add a Hardware Token "Yubikey" to our Ory Network account in 3 easy steps.

Hardware tokens come in many different sizes & shapes. One of the most widespread is the Yubico Yubikey. I am going to use the Yubikey 5 with a USB-C connector in this guide, but it will work just the same with other models.

Adding Yubikey to the Ory Network

For this guide you just need your Ory Network account and have the Yubikey or other hardware token on hand.

  1. Log into console.ory.sh & open the settings page.
  2. Type the name of your security key.
    In my case it is Yubikey, but you can name your security key whatever you feel like.
  3. Hit "Add Security Key" and connect your Yubikey.
    Plug in your Yubikey and when you see the symbol blinking with a green light, touch it to activate the Yubikey.

That is it, we are done! 🥳

See also this video going over the individual steps:

Your Ory Network project is now protected with the Hardware Token "Yubikey".

When you login the next time, you will use your credentials/social login as before.

Then you get a prompt to Please complete the second authentication challenge.

Connect the Yubikey and press the Use Security Key button. Now your Yubikey blinks with a green light. Touch it to activate and complete your authentication.

If you haven't already, sign up for a free account at Ory Network!

Further reading

Artificial Intelligence
April 17, 2025

Bad Robot: What Makes Agentic AI Good vs. Bad?

Jeff Hickman
Jeff Hickman

Understand the risks of insecure MCP implementations and how OAuth keeps your AI agents compliant, trustworthy, and safe.

Guide
April 02, 2025

CIAM vs IAM

The Ory Team
The Ory Team

Discover the major differences and similarities between CIAM and IAM, and which is right for your identity management.

<- Back to Blog