PSM can interact with your YubiKey account and can automatically request strong multi-factor authentication for your privileged users who are accessing the servers and services protected by PSM. When used together with YubiKey, PSM directs all connections to the YubiKey tool, and upon successful authentication, it permits the user to access the information system.
The integration adds an additional security layer to the gateway authentication performed on PSM. YubiKey 4, YubiKey 4 Nano, and YubiKey NEO devices are pre-configured with the Yubico OTP (all other YubiKeys except for the FIDO U2F Security Key by Yubico also support Yubico OTP). The OTP will be used for the authentication to the One Identity Balabit platform. This way, the device turns into a two-factor authentication token for the user. The one time password is changing after every authentication and is generated with dynamic keys.