Yubikey is simple and does not require any software download or install to function properly. Read on how to reset your yubikey when you have forgotten your password.
Hi, my name is Jane and I enjoy my job as scientist in a pharmaceutical company. My boss entrusts me with all the company’s information because I work at the main quality control lab. Yubikey has helped me keep information intact and away from individuals who want to use it to incriminate the company. The information is kept safe in my MAC laptop that I carry with me from home to work every day. Recently, I failed to access the information on my laptop but I do not understand why. Since all my websites and accounts are locked away in my laptop, I sort to find a simple yet safe solution to reset the key
Read below on how you can reset your yubikey
Some yubikey series have different applets which mean the processes are different and you will have to reset only the part you are having an issue with.
Resetting the OTP Applet
Technically, you cannot reset the OTP on your yubikey using factory default settings. You can try to emulate factory reset by deleting all the credentials from both slots. Programme OTP and yubico credential to a common slot and upload them to a cloud. Before you follow these steps, keep in mind that the possibility of permanently deleting all your credentials stored in the two slots in your yubikey is close to 100%. You can delete the credentials by downloading and installing yubikey personalisation tool. Insert the yubikey to your pc after opening the personalisation tool. Ensure you verify that your yubikey has been identifies. Click the tool button and you’ll come across a delete configuration button. From there it is as simple as selecting the configuration slot one and two and clicking on delete.
Resetting the FIDO2 or security key on your app
The main reason for resetting your yubikey in this situation is when you have locked you FIDO pin and there are too many incorrect attempts to retrieve the password. You can correct by simply resetting the security of yubikey. Before you go ahead with this, keep in mind that all credentials, including the reset root for two factor authentication will be deleted. To reset the FIDO, first download the yubikey manager and insert the key into a port on your pc. When you open the yubikey manage, you will see the applications section, click on it and then the FIDO2 and reset. When a confirmation page appears, click reset to confirm. Remove and re-install the key in case you face any prompts.
Resetting the smart card applet on your yubikey
Before we begin, keep in mind that resetting the smart card on your yubikey will clear all the data on your smart card and reset everything to factory default. This reset will not impact any other applet but will clear all your certificates. There are two ways you can go about resetting the smartcard. For process one, once you have installed the yubikey manager on your pc, click on the application, choose PIV then press the PIV reset and you are done. Lucky for you there is another way when this does not work. Using the same yubikey manager, you can open command prompt is the administrator and run ykman PIV reset. The PC should give you a prompt where you will press y and the enter button to confirm reset.
How to reset the oath applet on your yubikey
Just like all the resets, you are bound to lose some information. This reset will delete all the oath credentials including the window registrations. To make sure you are not going to lose all your accounts by locking yourself out; ensure you disable all the 2FA requirements for the accounts. Insert the yubikey into a port on your PC, making sure the yubico authenticator is installed. Select the reset option from the file menu and you will good to go.
Conclusion
Since I had tried all the attempts possible to unlock the password on my yubikey, I decided to reset the FIDO or security key. Even though I lost all information, I had prepared for this in advanced and saved it in a separate websites. I like the fact that the reset was simple and I can develop another password easily.