We are using Yubikeys with DUO but those can only be configured as Hardware Tokens which require some pre-configuration steps through the Yubikey personalization tool.
This is pretty tedious since we can’t deliver them directly to the end users.
We can configure them as U2F which is awesome and much more simple but unfortunately, Online mode doesn’t support U2F yet
I’ve been told that DUO was planing to support it in a future version, so I’d like to know if there is some developments about that new feature.
Here is the comment I received from DUO support few months ago
We do plan on supporting U2F for online mode next year. U2F offline is supported today because we got it to work locally, but the way U2F typically works requires a completely different codepath so we need to build the infra up to our cloud service. For online mode today, users will still have to use the Yubikeys as OTP mode which requires it to be programmed. For offline mode or any other web based integration supporting our iframe, U2F can be used and they can be self-enrolled easily by the end user without any configuration from the Yubikey Personalization tool and Duo admin panel.