diff --git a/roles/user/yubikey/tasks/main.yml b/roles/user/yubikey/tasks/main.yml
new file mode 100644
index 0000000..e8f6c2d
--- /dev/null
+++ b/roles/user/yubikey/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+- name: Create a Yubico directory
+  ansible.builtin.file:
+    path: ~/.yubico
+    state: directory
+    mode: 0744
+    owner: "{{ target_user }}"
+    group: "{{ target_user }}"
+
+- name: Create authorized Yubikeys
+  ansible.builtin.template:
+    src: templates/authorized_yubikeys
+    dest: ~/.yubico/authorized_yubikeys
+    mode: 0644
+    owner: "{{ target_user }}"
+    group: "{{ target_user }}"
diff --git a/roles/user/yubikey/templates/authorized_yubikeys b/roles/user/yubikey/templates/authorized_yubikeys
new file mode 100644
index 0000000..8fefb64
--- /dev/null
+++ b/roles/user/yubikey/templates/authorized_yubikeys
@@ -0,0 +1 @@
+{{ target_user }}:{{ yubikey_token_id }}