Pro Tip! How to quickly find out if a YubiKey is still alive

Reading Time: 2 minutes

YubiKey

Windows Hello for Business Security Keys are Microsoft’s name to FIDO2-based security keys, when you use them with Windows Hello for Business on a Windows 10-based device.

Fido Alliance LogoAs the FIDO alliance strives to develop and promote authentication standards, FIDO2-based security keys work in many passwordless scenarios.

Yubico, one of the founding members of the FIDO Alliance, offers great Windows Hello for Business security keys with many options: YubiKeys. YubiKeys are designed and made to be resilient. However, sometimes, you may encounter a key from a bad batch (like with the early YubiKeys Bio) or you might just put a little too much strain on one. In that case, you might be wondering if the YubiKey is still alive.

 

Yubikeys

There is an easy way to quickly find out if a YubiKey is still alive or is dead, using the Yubico One-Time Password (YubiOTP) functionality that is found in every YubiKey, except for the FIDO2-only Security Keys. You don’t even have to install a Yubico tool to do this. All you need to do is perform these steps on a Windows-based or MacOS-based device:

  1. Open a browser and navigate to https://demo.yubico.com
  2. Click the Verify OTP tile.
  3. On the Test your YubiKey with Yubico OTP web page, put your cursor in the Yubico OTP field (marked as required).
  4. Insert the YubiKey into a USB port.
  5. Touch the YubiKey button.

If the YubiKey is still alive, it’ll fill in a hash-based OTP, starting with cccc*. If the YubiKey is dead, the field remains empty.

 

FIDO2-only Security Keys

For FIDO2-only Security Keys, the same website can be used:

Note:
As many organizations don't want to miss out on all the goodness Yubico has to offer, only a small percentage of all Yubikeys are (FIDO2-only) Security Keys at the moment.

  1. Open a WebAuthN-capable browser and navigate to https://demo.yubico.com
  2. Click the Test WebAuthn tile.
  3. On the Test your YubiKey with WebAuthn web page, click Next to perform a registration.
  4. Insert the Security Key into a USB port.
  5. Follow the on-screen instructions.
  6. Touch the Security Key button.
  7. Enter the PIN for the Security Key (if one has been configured for it, previously).

 

Device verified

If the FIDO2-only Security Key is still alive, the website will present you with a message including a green check mark, like in the above image.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.