The release of macOS Sierra 10.12 marks a new beginning for smart card users, as Apple has taken a step towards support for PIV compatible smart cards without requiring any vendor software or drivers to be installed.

View video: https://vimeo.com/181838502

Use the YubiKey PIV Manager to pair your YubiKey with macOS Sierra logins.

YubiKey PIV Manager for Windows authentication (requires a domain login) to establish an active connection to the Windows Certification Authority, set and change PINs and Personal Unlocking Keys (PUKs), request certificates from a Certification Authority, manage certificates, and reset the PIV applet.

Use the Yubico PIV Tool, with the command line interface, to administer a PIV-enabled YubiKey. This tool is intended for system administrators or more advanced users.

https://www.yubico.com/support/knowledge-base/categories/articles/piv-tools/

  1. Download and install YubiKey PIV Manager 1.4.0 or later on your Mac, running macOS Sierra (10.12).
  2. Open the YubiKey PIV Manager application and insert a YubiKey 4, YubiKey 4 Nano, YubiKey NEO, or YubiKey NEO-n into a USB port. Note that YubiKeys work with most USB-C adapters.
  3. If your YubiKey has not been set up previously with YubiKey PIV Manager, you will be prompted to create a new PIN. If your YubiKey has been set up previously with YubiKey PIV Manager, navigate to Setup for macOS, click Yes, and follow the prompts.
    • Use a 6-8 digit number for your new PIN and note it for future reference. Do not use letters or other characters in your PIN for use with macOS Sierra.
    • We recommend you leave the other options at their default setting. For more information about the Management Key, see the YubiKey PIV Manager User’s Guide.
  4. When prompted, remove and re-insert the YubiKey to begin the pairing process.
  5. To begin the Smartcard Pairing, click Pair.
  6. To allow pairing, enter your Mac User Name and Password.
  7. Enter the PIN you created in step 3.
  8. When prompted, enter your login keychain password.