Security Key Multifactor Authentication

FIDO2/Passkey-enabled security keys provide multifactor authorization through the use of a physical hardware device to verify identity in addition to the conventional login and password combination.

Any FIDO2/Passkey-enabled hardware is compatible with ARIN’s multifactor authentication, though only one key can be registered to an individual ARIN Online account.

Learn more about using security keys as an authentication method on the ARIN Blog.

Supported Hardware Devices

In our development of Security Key MFA, we tested our systems with these security keys:

  • YubiKey 5C
  • SoloKeys Solo USB-A
  • AuthenTrend ATKey.Pro Type C
  • Google Titan Security Key

We tested each device on Mac OS with Safari, Chrome, and Firefox and tested each device on Windows with Chrome, Firefox, and Microsoft Edge.

Enabling Multifactor Authentication Through FIDO2/Passkey

  1. Log in to your ARIN Online account. If you do not have multifactor authentication enabled on your account, you will be taken directly to the setup process.
  1. Under the first step of ‘Select Method,’ confirm your choice of ‘Security Key,’ and select Continue.

Select Text Message or Voice Call

  1. Under the second step of ‘Verify Method,’ give your security key a name and select Verify.

Select Security Key

  1. You will be prompted by your browser to complete the steps that will associate your security key with your ARIN Online account.

  2. You will be provided a set of 16 Recovery Codes that can be used if you lose access to your security key. You can enter any of these codes once each to log in to ARIN Online.

Recovery Codes

Important: Save your Recovery Codes in a password management tool, print it out, or write it down and store it in a safe place. These codes will only be displayed once.

Each Recovery Code can only be used once, though they can be used in any order.

Select Activate MFA to complete the setup process.

What happens if I want to update to a new security key?

Your ARIN Online account will be associated with only the most recent registered security key. If you wish to replace your current key with a new one, simply register the new key and it will disable the previous one.