Setup for SalesForce

Firstly, you must be an Administrator and "My Domain" had been deployed correctly. If you didn't deploy "My Domain", please go to setup home and search "My Domain". In "My Domain" section, follow the instruction and deploy the domain step by step.
When the domain works normal, these are steps that how to setup the security key.

 

1. Enable two-factor authentication

Firstly, login to your domain.

At the right top of the website, click the setup drop down menu and choose setup home. In the "Quick Find" box, type "permission  sets". The permission overview section, create a  new permission set.

       

Now, fill the required form and add some description for the permission set and click save.

Go back to permission overview, and scroll down to click the "System Permissions". 

Click edit to check the "Two-Factor Authentication for User Interface Logins".

Now assign the permission to users by clicking the "Manage Assignments".

Then add assignments

Choose the users you want to assign to.

Go to the quick find box and type "session settings". Click the "session settings". Scroll down to "Identity Verification" and check the "Let users use a security key(U2F)".

    

And make sure the "Two Factor Authentication" is in the High Assurance box.

Go back to quick find box, and search "Users". In the list of the users, choose the user you want to register a security key.

Click the user and find the section "Security Key(U2F)". Then click "register".

The SalesForce would ask for login again to register a key.

Insert the security key and tap the button on it.

Now the security key has been registered. Login again to test it.

You can get more information about two-factor authentication by click here.