Can't enable existing YubiKey for Administrator login


I’ve added a YubiKey hardware token to my User account and used it successfully for logging in as that user to a Remote Desktop Session.

I would also like to use the same token for logging in to the Duo Admin Panel. When I edit the Administrator account, however, there is nowhere to select a hardware token under Secondary Authentication. Only Duo Push is listed.

If I go to Hardware Tokens and click Attach User, the Administrator account is not listed.

Is this a limitation of using Duo Free, or is there some other reason I can’t attach the existing YubiKey to the Administrator account?


Hi rkoett, I don’t think that is available in Duo Free.


We have the Duo Access level in my organization and I am not seeing it there either. Only options on the Admin login page are “Duo Push”, “Text Me”, and “Call Me”. Under “Admin Login Settings” we do have the Yubikey AES option checked, but no joy. What if anything might I be missing?


  • Butler



Enter the Yubikey OTP passcode in the passcode field, underneath the “Duo Push”, “Text Me”, and “Call Me" buttons.


Yes, I tried that. It simply says “Invalid login code”.



My response above was directed to ButlerKevinD, who is working with Access edition, so admin token MFA is included.

As @mkorovesisduo noted in the initial response to you, admin token MFA is not included in Duo’s free plan.

Sorry for any confusion I caused!