Windows Hello for Business Security Keys are Microsoft’s name to FIDO2-based security keys, when you use them with Windows Hello for Business on a Windows 10-based device.
As the FIDO alliance strives to develop and promote authentication standards, FIDO2-based security keys work in many passwordless scenarios.
Yubico, one of the founding members of the FIDO Alliance, offers great Windows Hello for Business security keys with many options: YubiKeys. YubiKeys are designed and made to be resilient. However, sometimes, you may encounter a key from a bad batch (like with the early YubiKeys Bio) or you might just put a little too much strain on one. In that case, you might be wondering if the YubiKey is still alive.
Yubikeys
There is an easy way to quickly find out if a YubiKey is still alive or is dead, using the Yubico One-Time Password (YubiOTP) functionality that is found in every YubiKey, except for the FIDO2-only Security Keys. You don’t even have to install a Yubico tool to do this. All you need to do is perform these steps on a Windows-based or MacOS-based device:
- Open a browser and navigate to https://demo.yubico.com
- Click the Verify OTP tile.
- On the Test your YubiKey with Yubico OTP web page, put your cursor in the Yubico OTP field (marked as required).
- Insert the YubiKey into a USB port.
- Touch the YubiKey button.
If the YubiKey is still alive, it’ll fill in a hash-based OTP, starting with cccc*. If the YubiKey is dead, the field remains empty.
FIDO2-only Security Keys
For FIDO2-only Security Keys, the same website can be used:
Note:
As many organizations don't want to miss out on all the goodness Yubico has to offer, only a small percentage of all Yubikeys are (FIDO2-only) Security Keys at the moment.
- Open a WebAuthN-capable browser and navigate to https://demo.yubico.com
- Click the Test WebAuthn tile.
- On the Test your YubiKey with WebAuthn web page, click Next to perform a registration.
- Insert the Security Key into a USB port.
- Follow the on-screen instructions.
- Touch the Security Key button.
- Enter the PIN for the Security Key (if one has been configured for it, previously).
If the FIDO2-only Security Key is still alive, the website will present you with a message including a green check mark, like in the above image.
Login