diff --git a/decisions/0030-mfa-yubikey-strategy.md b/decisions/0030-mfa-yubikey-strategy.md index 89f8c3d..d5dd2a1 100644 --- a/decisions/0030-mfa-yubikey-strategy.md +++ b/decisions/0030-mfa-yubikey-strategy.md @@ -140,7 +140,7 @@ return True ### Current State -Vaultwarden deployment has WebAuthn enabled by default, but admin panel configuration may be needed. +Vaultwarden deployment has WebAuthn support built-in. Configuration is done via the admin panel. ### Required Configuration @@ -148,15 +148,24 @@ Vaultwarden deployment has WebAuthn enabled by default, but admin panel configur Access admin panel at `https://vaultwarden.daviestechlabs.io/admin`: -``` -Settings → Advanced: - Enable Web Vault: true (already set) - -Two-Factor Authentication: - Enable WebAuthn: true (verify this is set) -``` +1. Navigate to **Settings** section +2. Find **Yubikey** settings: + - For WebAuthn/FIDO2: No additional configuration needed (enabled by default) + - For Yubikey OTP: Requires Client ID and Secret Key from Yubico +3. Find **Two-Factor Authentication** or **General** settings: + - Verify WebAuthn is not disabled +4. Click **Save** if any changes made -#### 2. Optional: Enable Yubikey OTP +#### 2. User Setup (WebAuthn) + +1. Log into Vaultwarden web vault +2. Go to Settings → Security → Two-step Login +3. Click Manage next to "FIDO2 WebAuthn" +4. Click "Register new key" +5. Insert Yubikey and touch when prompted +6. Name the key (e.g., "Yubikey 5 NFC") + +#### 3. Optional: Enable Yubikey OTP If users want Yubikey OTP as an additional option (the 44-character string feature): 
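Review bot: the new Current State sentence "Configuration is done via the admin panel" contradicts the Required Configuration list a few lines below, which says WebAuthn/FIDO2 needs "No additional configuration" and is enabled by default. Make the sentence match the list, e.g. "WebAuthn support is built in and enabled by default; the admin panel is only needed to add Yubikey OTP credentials", so a reader does not go looking for a WebAuthn switch that the rest of the document says does not need flipping.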
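Review bot: step 3 of the Required Configuration list ("Find **Two-Factor Authentication** or **General** settings: Verify WebAuthn is not disabled") hedges between two admin-panel sections and asks the operator to verify a setting that step 2 has just said needs no configuration. The block being removed at least named one concrete location; either name the exact section and setting, or drop step 3 and keep step 2's "enabled by default" statement. Since the panel URL is given as `https://vaultwarden.daviestechlabs.io/admin`, it would also be worth adding a check that the configured domain matches that origin, because WebAuthn registrations are bound to the origin the vault is served from and a mismatch breaks key registration even when WebAuthn is "enabled". Grouping the WebAuthn bullet under a heading called **Yubikey** settings is also confusing, given the document treats WebAuthn and Yubikey OTP as separate methods.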
@@ -164,7 +173,16 @@ If users want Yubikey OTP as an additional option (the 44-character string featu Visit: https://upgrade.yubico.com/getapikey/ -**Step 2: Store credentials in Vault** +**Step 2: Enter credentials in Admin Panel** + +In the Vaultwarden admin panel → Yubikey section: +- Enter **Client ID** +- Enter **Secret Key** +- Click **Save** + +Alternatively, for GitOps management: + +**Step 2b: Store credentials in Vault** ```bash vault kv put kv/vaultwarden-yubico \ @@ -215,15 +233,6 @@ envFrom: **Status:** ⏳ NOT IMPLEMENTED - Requires Yubico API credentials -#### 3. User Setup (WebAuthn - Already Available) - -1. Log into Vaultwarden web vault -2. Go to Settings → Security → Two-step Login -3. Click Manage next to "FIDO2 WebAuthn" -4. Click "Register new key" -5. Insert Yubikey and touch when prompted -6. Name the key (e.g., "Yubikey 5 NFC") - ## MFA Requirements by User Group | Group | MFA Requirement | Allowed Methods |
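Review bot: Step 2 (enter Client ID and Secret Key in the admin panel) and Step 2b (store them in Vault for GitOps) are two ways to supply the same secret, and the hunk does not say which one is authoritative or what happens if both are set. A Secret Key typed into the admin panel lives outside Vault and outside the GitOps repo, so the deployed configuration and the declared one can silently diverge. Pick one path as the documented default (Vault, given the GitOps direction of the rest of the document), describe the admin-panel route as a manual exception, and state which value Vaultwarden uses when both are present. The "Step 2 / Step 2b" numbering should also become two plain alternatives rather than a step and a half-step.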
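Review bot: moving the User Setup section above Yubikey OTP is fine, but the removed heading "User Setup (WebAuthn - Already Available)" carried a status marker that the new heading "User Setup (WebAuthn)" drops, while the OTP section keeps "**Status:** ⏳ NOT IMPLEMENTED". Add an explicit status line to the WebAuthn section (e.g. "**Status:** ✅ AVAILABLE") so the two methods are reported consistently and a reader skimming for status does not conclude that all of section 2 onward is unimplemented.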