Self-enroll your security key

Before you begin

To enroll your phone security key in the ​Akamai MFA​ service, follow the below steps:

  1. On your smartphone, download the ​Akamai MFA​ app from App Store (for iPhones) or Google Play Store (for Androids).

📘

If the ​Akamai MFA​ app download and install from Google Play Store on your mobile device is taking longer than normal, go to Settings > Apps and make sure you have no pending installations or updates. If there are any pending installations, either cancel them or wait for them to complete. This will let you proceed and complete the installation of the ​Akamai MFA​ mobile app.

  1. On your computer, download the Chrome, Microsoft Edge, Firefox or Safari browser extension for ​Akamai MFA​. Depending on the browser that you use, follow these instructions:

    • For Chrome and Microsoft Edge extensions:
      i. Go to the ​Akamai MFA​ extension page and click Add to Chrome.

      ii. In the Add ​Akamai MFA​ Authenticator dialog, click Add extension.

      A dialog with the QR code displays on your computer.

      iii. To pair your mobile device with the browser, open the ​Akamai MFA​ app on your mobile device, scan the QR code, and click Pair.

      A banner displays on your computer confirming that you've successfully paired your smartphone with the browser.

      Now, you can configure the extension's settings.

      iv. Go to Chrome > Extensions > Manage extensions > Details.

      v. To enable the extension on all sites, on the ​Akamai MFA​ extension page, in Site access, select On all sites.

      vi. To enable the ​Akamai MFA​ browser extension also for your sessions in the incognito mode, enable the Allow in incognito option.

    To learn more about Chrome extensions, see Install and manage extensions.

    • For the Firefox extension:

      i. Go to the ​Akamai MFA​ extension and click Add to Firefox (+).

      ii. In the Add ​Akamai MFA​ dialog, click Add.

      A dialog with the QR code displays on your computer.

      iii. To pair your mobile device with the browser, open the ​Akamai MFA​ app on your mobile device, scan the QR code, and click Pair.

      A banner displays on your computer confirming that you've successfully paired your smartphone with the browser.

      Now, you can configure the extension's settings.

      iv. Go to Firefox > Add-ons > Manage your extensions.

      v. To enable the ​Akamai MFA​ browser extension also for your sessions in the incognito mode, in Run in Private Windows, select Allow.

    To learn more about Firefox extensions, see Manage add-ons.

    • For the Safari extension:

      i. Go to the ​Akamai MFA​ extension page.

      ii. Click Install.

      You may be asked to enter your administrative password.

      A dialog with the QR code displays on your computer.

      iii. To pair your mobile device with the browser, open the ​Akamai MFA​ app on your mobile device, scan the QR code, and click Pair.

      A banner displays on your computer confirming that you've successfully paired your smartphone with the browser.

      Now, you can configure the extension's settings.

      iv. Go to Safari > Preferences > Extensions.

      v. To enable the extension, check the box next to ​Akamai MFA​ in the left sidebar.

      vi. To enable the extension on all sites, click Always Allow on Every Website.

      vii. To enable the ​Akamai MFA​ browser extension also for your sessions in the incognito mode, click Allow Private Browsing.

    To learn more about Safari extensions, see Get extensions.

📘

The following are the minimum browser versions that support the browser extension:

  • Firefox 87.0

  • Google Chrome 89.0.4389.90

  • Microsoft Edge 89.0.774.57

  • Safari 14.0.3

​Akamai MFA​ supports the FIDO2 (WebAuthn) and U2F standards for a strong, cryptographic authentication that includes 4 types of authenticators:

  1. U2F-only devices, for example, security keys.

  2. FIDO2 devices, for example, security keys.

  3. Platform authenticators that are built into the OS and browsers:

    • OS. For example, Touch ID on macOS and Windows Hello on Windows.

    • Browser. Platform authenticators built into the Safari browser on macOS and iOS, and Chrome on Android and Windows desktop devices.

  4. ​Akamai​ phone security key. This solution uses the ​Akamai MFA​ mobile app running on iOS or Android devices (the same app that is used to receive regular push notifications) paired with the ​Akamai MFA​ browser extension.

A security key is a cryptographic hardware device (like a Yubikey USB token or an iPhone using Apple's secure enclave) that securely connects to your computer either via USB, Bluetooth, or even over the network. This solution, which is also called a roaming authenticator, can be used for authentication purposes on multiple platforms, for example, PCs, laptops, tablets, or phones.

​Akamai MFA​ also supports the phone security key that lets you link your smartphone to a specific browser and create a cryptographically secure channel of communication between those two parties. With this solution, you enable the ​Akamai MFA​ mobile app on your mobile device, to generate your private/public key pair, store it and use it to authenticate your access to protected resources. The phone security key is also a roaming authenticator and can be paired with multiple platforms. You may only need to install multiple browser extensions if you're using different browsers to access different web applications.

Two components of the ​Akamai MFA​ phone security key solution and their roles in the authentication process are the following:

  • The ​Akamai MFA​ mobile app. Install the app on your Android or iPhone. The app generates a private/public key pair and stores your private key on your smartphone. During the enrollment process, you have to pair your phone with the browser's extension by scanning the QR code. This lets you transmit the browser's public key to the app. The browser's public key together with the app's public key is transmitted to the browser via the Internet, which lets you establish a secure channel of communication between the app and the browser. This also turns your smartphone into a highly secure authenticator

  • The ​Akamai MFA​ browser extension. Install one or multiple browser extensions on your computer. The extension discovers any paired authenticators and enables communication between the browser and the ​Akamai MFA​ mobile app. The browser extension securely communicates the origin of the page you're on (the domain) to the mobile app. It forwards security key signing requests to the ​Akamai MFA​ mobile app on your phone which, upon approval, returns the signature back to the web page for authentication.

After you pair your phone with the selected browser, you can follow these steps to enroll your phone or physical security key in the ​Akamai MFA​ service.

How to

  1. When you are redirected to ​Akamai MFA​ on your computer, in the Set up Multi-factor Authentication dialog, click Enroll a device.

  2. In Select a device to enroll, select Security key and click Next.

  3. Depending on the security key type that you're using, do the following:

    • If you're using the hardware security key, insert it into the USB port of your computer.

    • If you're using the phone security key, place your smartphone close to your computer.

  4. In Connect a hardware security key or use the ​Akamai MFA​ mobile app, enter the security key's name, and click Add.

  5. When ​Akamai MFA​ connects with your security key, you receive a registration request on your smartphone. Click Allow to confirm your identity.

    registration-requestregistration-request

    A confirmation message displays on your computer screen.

    Now that you registered your security key as your authenticator, you can start using it to respond to authentication challenges.


Did this page help you?