Docs

Using Token2 Security keys for Discord

Name: Token2 C301-i programmable hardware token for Office 365 and Azure MFA
Brand: Token2
SKU: t2-51
Price: 21 EUR
Availability: InStock
Rating: 5 (4752 reviews)

Discord is great for playing games and chilling with friends, or even building a worldwide community. Customize your own space to talk, play, and hang out. Communication can be private or take place in virtual communities called "servers". A server is a collection of persistent chat rooms and voice channels which can be accessed via invite links.
In this guide, we will outline the steps required to configure Token2 Security keys as a authentication method for two-step verification.

Requirements:

• An access to the Discord account.
• Admin access to enable security keys (not required if security keys are already enabled)
• Modern browser supporting security keys.
• A Token2 FIDO security key.

Enable an MFA method

1. Log in to your Discord account.
2. Click 'User Settings'.

3. In the left menu, navigate to 'My Account,' then scroll down to 'Security Keys' in the right panel. Click 'Register a Security Key.'

4. You will be prompted to enter your account password. Enter it and click 'Confirm.'.
5. The security key enrollment wizard will start. Insert the security key and click 'Let's Go.'

6. Discord will begin identifying the security key. Press 'OK' to continue.

7. If you have set up a PIN code for the security key, you will be prompted to enter it.

8. Then you will be prompted to press the button on the security key to complete registration.
Note: Security keys differ in the exact instructions to activate them. Your key may require a tap or button press to activate registration.
9. Enter a name for the enrolled key and click 'Finish'.

10.Your enrollment process is now complete. Discord will provide you with backup codes to access your account in case you lose your security key. Click 'Download Backup Codes' to obtain them.

Login using MFA method

After successfully adding the key, you can use it for two-factor authentication. It must be used after entering your username and password.

Insert the security key and click "Log In".

Then click 'Authenticate with a passkey or security key' and continue the authentication process.

Discord's Login Flow with FIDO2 Keys Differs from Passkeys

Discord does not recognize FIDO2 security keys as "passkeys" and uses a distinct login flow. While passkeys offer passwordless authentication, Discord requires users to first enter their credentials before using FIDO2 keys as a second factor. This limits the passkey functionality FIDO2 keys are known for, offering an additional layer of security rather than fully replacing passwords.

It's important to note that the authentication window also includes an option to log in with a passkey. At first glance, this seems logical—if a security key has been added, FIDO2 keys are considered as passkeys, then this direct link should work. However, in the context of using FIDO2 keys with Discord, this option does not work. You will receive an error, as shown below

Please note that the same login requirements apply when logging in on mobile devices.