Overview
This process outlines how to setup PIN, PUK, and Management key on new Yubikey (initialize Yubikey).
Prerequisites
- YubiKey 4 and newer
- Active Directory account
- Windows domain-bound machine (necessary for Step 5)
- Logged in as the account that will appear on the certificate
- Yubikey Manager
- Download direct from Yubico: https://www.yubico.com/support/download/yubikey-manager/#h-downloads
- Windows
- Mac
- Linux
Process
New Setup
- Run the Yubikey Manager application and insert your key
- Click on Applications and then click on PIV
Change PIN if Yubikey is fresh out of the box or it's been defaulted
skip to step 4 (Enrollment) if Yubikey is already initialized
- Click on Configure PINs
- Click Change PIN and then check Use default (if it is default).
Fill in the blanks.
Finish with changing PIN by clicking on Change PIN - Click on Change PUK and then check Use default (if it is default).
Fill in the blanks.
Finish with changing PUK by clicking on Change PUK - Click on Change Management Key and then check Use default (if it is default).
Fill in the blanks.
Finish with changing the key by clicking on Finish- You can check Protect with PIN to not need the Management Key for future
- You can check Protect with PIN to not need the Management Key for future
- Click on Configure PINs