diff --git a/docker/Dockerfile b/docker/Dockerfile
index 1fe29da2..42da9422 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -121,7 +121,7 @@ RUN case "$PREINSTALL_LIBS" in \
 true|yes|TRUE|YES) \
 cd meshcentral && \
 echo -e "----------\nPREINSTALLING LIBRARIES...\n----------"; \
- npm install ssh2@1.16.0 nodemailer@6.10.1 image-size@2.0.2 wildleek@2.0.0 otplib@12.0.1 yubikeyotp@0.2.0;; \
+ npm install ssh2@1.16.0 nodemailer@6.10.1 image-size@2.0.2 wildleek@2.0.0 otplib@12.0.1 yub@0.11.1;; \
 false|no|FALSE|NO) \
 echo "Not pre-installing libraries.";; \
 *) \
diff --git a/meshcentral-config-schema.json b/meshcentral-config-schema.json
index ae75af2a..29414057 100644
--- a/meshcentral-config-schema.json
+++ b/meshcentral-config-schema.json
@@ -2785,7 +2785,7 @@
 },
 "yubikey": {
 "type": "object",
- "description": "Yubikey configuration",
+ "description": "Yubikey OTP configuration (get API Key from https://upgrade.yubico.com/getapikey/)",
 "properties": {
 "id": {
 "type": "string",
@@ -2794,11 +2794,6 @@
 "secret": {
 "type": "string",
 "description": "Yubikey secret key"
- },
- "proxy": {
- "type": "string",
- "format": "uri",
- "description": "Yubikey proxy URL"
 }
 },
 "required": [
diff --git a/meshcentral.js b/meshcentral.js
index 5c0bad6b..bf3b623a 100644
--- a/meshcentral.js
+++ b/meshcentral.js
@@ -4369,7 +4369,7 @@ function mainStart() {
 // Setup 2nd factor authentication
 if (config.settings.no2factorauth !== true) {
 // Setup YubiKey OTP if configured
- if (yubikey == true) { modules.push('yubikeyotp@0.2.0'); } // Add YubiKey OTP support
+ if (yubikey == true) { modules.push('yub@0.11.1'); } // Add YubiKey OTP support (replaced yubikeyotp due to form-data issues)
 if (allsspi == false) { modules.push('otplib@12.0.1'); } // Google Authenticator support (v10 supports older NodeJS versions).
 }
diff --git a/meshuser.js b/meshuser.js
index 211ed0de..10cc4ec0 100644
--- a/meshuser.js
+++ b/meshuser.js
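Review bot: Removing `proxy` from the yubikey schema (second hunk of this file) leaves existing configs that set it accepted-but-ignored, because the patched meshuser.js and webserver.js no longer read `domain.yubikey.proxy`, so validation traffic an operator routed through an egress proxy now leaves directly unless the new library honours proxy environment variables on its own, which this diff does not show. Whether the schema rejects unknown properties is not visible here, so the removal is silent either way. A one-line hint in the new description would make the change visible, e.g. `"description": "Yubikey OTP configuration (get API Key from https://upgrade.yubico.com/getapikey/); the former proxy setting is no longer used"`, and a startup warning when `domain.yubikey.proxy` is still present would be better.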
@@ -3906,12 +3906,12 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
 if ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 1024) != 0)) return; // If this account is settings locked, return here.
 // Yubico API id and signature key can be requested from https://upgrade.yubico.com/getapikey/
- var yubikeyotp = null;
- try { yubikeyotp = require('yubikeyotp'); } catch (ex) { }
+ var yub = null;
+ try { yub = require('yub'); } catch (ex) { }
 // Check if 2-step login is supported
 const twoStepLoginSupported = ((parent.parent.config.settings.no2factorauth !== true) && (domain.auth != 'sspi') && (parent.parent.certificates.CommonName.indexOf('.') != -1) && (args.nousers !== true));
- if ((yubikeyotp == null) || (twoStepLoginSupported == false) || (typeof command.otp != 'string')) {
+ if ((yub == null) || (twoStepLoginSupported == false) || (typeof command.otp != 'string')) {
 ws.send(JSON.stringify({ action: 'otp-hkey-yubikey-add', result: false, name: command.name }));
 break;
 }
@@ -3925,9 +3925,8 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
 // TODO: Check if command.otp is modhex encoded, reject if not.
 // Query the YubiKey server to validate the OTP
- var request = { otp: command.otp, id: domain.yubikey.id, key: domain.yubikey.secret, timestamp: true }
- if (domain.yubikey.proxy) { request.requestParams = { proxy: domain.yubikey.proxy }; }
- yubikeyotp.verifyOTP(request, function (err, results) {
+ yub.init(domain.yubikey.id, domain.yubikey.secret);
+ yub.verify(command.otp, function (err, results) {
 if ((results != null) && (results.status == 'OK')) {
 var keyIndex = parent.crypto.randomBytes(4).readUInt32BE(0);
 var keyId = command.otp.substring(0, 12);
diff --git a/webserver.js b/webserver.js
index 3760ad37..b470dec1 100644
--- a/webserver.js
+++ b/webserver.js
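Review bot: The new `yub.verify` callback (second hunk) still accepts the reply on `results.status == 'OK'` alone, and if I read yub's response format right it also reports the outcome of its HMAC-signature and nonce checks (`signatureVerified`, `nonceVerified`, folded into `valid`), so a validation reply whose signature does not match the configured secret is currently treated as a successful key registration; the check should read `if ((results != null) && (results.status == 'OK') && (results.valid === true)) {`. The same status-only check appears in the webserver.js hunk, where it gates login. Separately, `yub.init(domain.yubikey.id, domain.yubikey.secret)` appears to store the credentials in module-level state shared by every domain, so two overlapping verifications from domains with different Yubikey credentials may be checked against each other's secret; if per-domain Yubikey config is supported, init+verify needs a per-call API or serialization. The enclosing handler starts and ends outside both hunks.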
@@ -1073,10 +1073,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
 // If we have a match, check the OTP
 if (match === true) {
- var yubikeyotp = require('yubikeyotp');
- var request = { otp: token, id: domain.yubikey.id, key: domain.yubikey.secret, timestamp: true }
- if (domain.yubikey.proxy) { request.requestParams = { proxy: domain.yubikey.proxy }; }
- yubikeyotp.verifyOTP(request, function (err, results) {
+ var yub = require('yub');
+ yub.init(domain.yubikey.id, domain.yubikey.secret);
+ yub.verify(token, function (err, results) {
 if ((results != null) && (results.status == 'OK')) {
 parent.debug('web', 'checkUserOneTimePassword: success (Yubikey).');
 func(true, { twoFactorType: 'hwotp' });
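Review bot: The new `var yub = require('yub');` on the login path is unguarded, whereas the meshuser.js hunk wraps its `require('yub')` in try/catch and fails closed with a result-false reply; if the module is missing at runtime, a Yubikey login attempt throws inside checkUserOneTimePassword instead of reaching `func(false, ...)`, and whether a caller catches that is outside the hunk. Resolving the module once at server setup under the same guard, or mirroring the try/catch here, keeps the two paths consistent. The enclosing function starts and ends outside this hunk.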