Yubico Forum
https://forum.yubico.com/

YubiKey OTP is valid, but username/password were incorrect
https://forum.yubico.com/viewtopic.php?f=35&t=2538
Page 1 of 1

Author:  hughparker1 [ Mon Jan 23, 2017 9:13 pm ]
Post subject:  YubiKey OTP is valid, but username/password were incorrect

I have a YubiKey 4 Nano and inserted into my DELL Inspiron 5559 laptop running Windows 10.

When I touch the key it does generate my Public ID & Password OK so looks good.

I tested it at demo.yubico.com with Single-factor authentication and get message...
Congratulations! You have been successfully authenticated with the YubiKey!

When I try 'Two-factor' or 'Two-factor with username' I get message ...
Authentication failed! Authentication was NOT successful! While the YubiKey OTP was valid, the username and/or password were incorrect!

I did click 'Set credentials' and entered user and password before test.

I haven't uploaded the AES key to the Yubico validation server yet because I thought the YubiKey was ready to use for OTP mode. Any idea what I'm doing wrong?

Author:  ChrisHalos [ Mon Jan 23, 2017 10:12 pm ]
Post subject:  Re: YubiKey OTP is valid, but username/password were incorre

If the single-factor test at demo.yubico.com passes, you're good to go. The two-factor test is simply for registering a test/username and password and seeing that it all works together (people usually do things like username = demo5, password = demo1 or something similar). Are you trying to register your Yubico OTP somewhere else? LastPass perhaps? If so, just try adding your key there and see what happens.

If you're still using the default credential (starts with cccccc), the credentials are already present on the YubiCloud - nothing needs to (or can be) uploaded unless you programmed your own vv credential with the YubiKey Personalization Tool.

Author:  hughparker1 [ Mon Jan 23, 2017 10:41 pm ]
Post subject:  Re: YubiKey OTP is valid, but username/password were incorre

ChrisHalos wrote:
Are you trying to register your Yubico OTP somewhere else? LastPass perhaps? If so, just try adding your key there and see what happens.
Thanks for quick reply.

I haven't tried using my key anywhere yet, I was going to try using it with my existing app KeepassX 2.0.2, but I'm not sure if KeepassX is compatible with YubiKey OTP or can I only use U2F Static Password? Any advice would be appreciated.

Author:  ChrisHalos [ Tue Jan 24, 2017 1:05 am ]
Post subject:  Re: YubiKey OTP is valid, but username/password were incorre

KeePass can be done with either OATH-HOTP (https://www.yubico.com/why-yubico/for-i ... s/keepass/) or Challenge-Response (http://www.kahusecurity.com/2014/securi ... nd-factor/). The Challenge-Response method is better (and the same credential can be used for other things, like Mac or Windows login (local accounts).

If using with Windows Login as well, make not to set "require user input (button press)", otherwise Windows Login won't work. If you're not using Windows Login, I would recommend using require user input.

Author:  hughparker1 [ Wed Jan 25, 2017 1:24 am ]
Post subject:  Re: YubiKey OTP is valid, but username/password were incorre

ChrisHalos wrote:
KeePass can be done with either OATH-HOTP (https://www.yubico.com/why-yubico/for-i ... s/keepass/) or Challenge-Response (http://www.kahusecurity.com/2014/securi ... nd-factor/). The Challenge-Response method is better (and the same credential can be used for other things, like Mac or Windows login (local accounts)
Thanks for your quick reply and the links showing how to use my YubiKey with Keepass.

I have been using KeepassX 2.0.2 software for the past year (it is available for both Windows and Linux as I use both for my work) and wondered if your instructions will work for KeepassX also.

Once again thank you for your help, it is much appreciated.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/