PingID End User Guide

Authenticating using your iPhone (Windows login) (legacy)

This section describes the various ways you can authenticate to Windows login using your iPhone.

You can use any of the following methods to authenticate:

  • Swipe

  • Biometrics

  • Apple Watch

  • One-time passcode

  • Authenticate manually with PingID mobile app

  • Authenticate manually with the PingID mobile app

If your organization allows you to authenticate using more than one device type, you can add a device and decide which device you want to use as your primary (default) authentication method. For more information, see Managing your devices.

The options available to you are defined by your organization’s policy.

Using swipe authentication for iPhone (Windows login)

If you have the PingID app running on your mobile device and your organization is using swipe authentication, sign on to your Windows desktop or laptop machine using swipe to authenticate.

Before you begin

Pair your device with PingID mobile app to enable authentication. For more information, see (legacy) Pairing PingID mobile app for iPhone (using a QR code or pairing code) or Adding and reordering devices.

About this task

Steps

  1. Sign on to your Windows laptop or desktop machine.

    Choose from:

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

Windows Login sign on window

+

Result:

+ The Authenticating on…​ window appears, and an authentication notification request is sent to your mobile device.

+ A screen capture of the Authenticating On…​ window.

  1. Accept the authentication notification, depending on your mobile’s notification settings:

    Choose from:

    • If your device is locked, long press the notification until it shows the option to approve or deny the request, and then tap Approve.

    • If your device is unlocked, pull down the notification until it shows the option to Approve or Deny the request, and then tap Approve.

      If configured by your organization, you’ll see a map on the notification screen, showing the location, device type, and browser used by the device attempting to accessing your account or app. This can help you identify a fraudulent authentication attempt.

A screen capture of the notification screen including a map showing the location, device type, and browser used by the accessing device, and the option to Approve or Deny the authentication request.

  • If your mobile phone is unlocked and PingID is open, swipe to authenticate.

    A screen capture of the swipe authentication screen on a mobile device

    Result:

    The green Authenticated screen appears with a check mark, indicating successful authentication.

    A screen capture of the green Authenticated message with a check mark indicating successful authentication and your access is approved.

Result

You are signed on to your Windows machine.

A screen capture of a user’s home desktop after a user successfully signs on to their account.

Using biometrics authentication for iPhone (Windows login)

Authenticate with your device biometrics using PingID mobile app.

Before you begin

About this task

Authentication varies slightly depending on your phone model, phone settings, and whether your device is locked or unlocked when the authentication request sends.

The following animation shows an example of a passwordless authentication flow using biometrics. NOTE: You might need to enter your password, depending on your organization’s configuration.

nsq1631175870695

Biometrics authentication is only available to you if the option is enabled by your organization.

Steps

  1. Sign on to your Windows laptop or desktop machine.

    Choose from:

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

      Windows Login sign on window

      Result:

      The Authenticating on…​ window appears, and an authentication notification request is sent to your mobile device.

      A screen capture of the Authenticating On…​ window.

      slh1631178498165

  2. Accept the authentication notification:

    Choose from:

    • If your device is locked, long press the notification until it shows the option to approve or deny the request, and then tap Approve.

    • If your device is unlocked, pull down the notification until it shows the option to Approve or Deny the request, and then tap Approve.

      If configured by your organization, you’ll see a map on the notification screen, showing the location, device type, and browser used by the device attempting to accessing your account or app. This can help you identify a fraudulent authentication attempt.

    • If your mobile phone is unlocked and PingID is open, you’ll be prompted to authenticate with your biometrics.

    • Face ID: Tap the message asking you to authorize scanning with Face ID, if prompted, or your face is scanned automatically.

      A screen capture of the TouchID for
    • Fingerprint: To scan your fingerprint, touch the Home button lightly.

      Result:

      The green Authenticated screen appears with a check mark, indicating successful authentication.

      Result

      You are signed on to your Windows machine.

      A screen capture of a user’s home desktop after a user successfully signs on to their account.

Enabling and disabling passcodes on your Apple watch (Windows login)

Enable the use of PingID one-time passcodes (OTPs) on your Apple watch.

About this task

If you have installed the PingID app on your device, the PingID Apple Watch app is automatically installed on your watch and you will start receiving notifications to your watch. You can also open the PingID app on your watch to receive a one-time passcode (OTP). If the Apple watch app is disabled, you will not be able to access a one-time passcode from your watch.

The Apple watch only receives notifications when your mobile device is locked, and the mobile device screen is in sleep mode.

Steps

  1. On your iPhone, tap the Watch app, and then tap PingID.

  2. To enable or disable the app on your Apple watch, tap Show App on Apple Watch.

    Result:

    The PingID app is installed on your Apple watch, and the PingID icon appears.

  3. To view the current one-time passcode, on your Apple watch, tap the PingID icon.

    Screen capture of an Apple watch displaying a one-time passcode.
  4. (Optional) To get a new passcode, tap Refresh.

Authenticating using a one-time passcode (Windows login)

One of the authentication methods that administrators can allow is the use of a generated one-time passcode (OTP).

Before you begin

Pair your device with PingID mobile app to enable authentication. For more information, see (legacy) Pairing PingID mobile app for iPhone (using a QR code or pairing code) or Adding and reordering devices.

Steps

  1. Sign on to your Windows laptop or desktop machine.

    Choose from:

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

      Windows Login sign on window

      Result:

      The Authenticating on…​ window appears. This is where you enter the OTP after it has been generated in the app.

      A screen capture of the OTP window, showing the 6 cells in which you enter the OTP after it’s generated in PingID mobile app

  2. On the device you use for MFA, open the PingID app, and get the one-time passcode that is displayed.

    A screen capture of the one-time passocde displayed in the PingID mobile app.

    • When opening PingID mobile app, update your location permissions to Allow all the time, if prompted to do so.

    • The one-time passcode refreshes each time you open the PingID app. If you need to generate a new one-time passcode, tap New Passcode.

  3. Return to the Authentication window on your Windows computer, enter the passcode, and click Sign In.

    Result:

    MFA is complete, and you are signed on to your Windows computer.

    A screen capture of the Windows sign on home desktop page.

Authenticating manually with the PingID mobile app (Windows Login)

If you sign on to your Windows laptop or desktop machine without having a network connection, such as airplane mode or without Wi-Fi connection, you can authenticate manually using the PingID mobile app.

Before you begin

To authenticate manually with PingID you must first pair your device with PingID and authenticate online at least once. For more information see (legacy) Pairing PingID mobile app for iPhone (using a QR code or pairing code) or Adding and reordering devices.

About this task

The process to authenticate manually is different than the way you usually sign in.Animation showing passwordless manual authentication.

To authenticate manually:

  • PingID mobile app must be installed on your device, paired with your account. Minimum requirements for manual authentication is PingID mobile app 1.18. For windows passwordless authentication, PingID mobile app 2.15 or later is required.

  • You need to successfully authenticate to the specific Windows machine you are trying to access online at least one time before you can authenticate manually.

  • Your device must have a working camera, with the PingID Mobile app camera permissions set to Approve. For more information, see PingID mobile app management (legacy).

Steps

  1. Sign on to your Windows laptop or desktop machine.

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

      Windows Login sign on window

      Result:

      A Manual Authentication message appears, displaying a QR code requesting that you authenticate manually.

      A screen capture of the Manual Authentication window requesting you to enter the Authentication Code

      If you have more than one mobile device paired with your account, you’ll need to select the device you want to use to authenticate before the Manual Authentication message appears.

  2. On your mobile device, open the PingID mobile app:

    1. Tap the Gear icon ()) .

    2. Select Manual Auth.

    3. Authenticate using your device biometrics, if required.

      screen capture of the PingID mobile app Settings Menu with the Manual Auth option selected

      Result:

      The QR code scanner for manual authentication opens.

      A screen capture of the QR code scanner in the PingID mobile app

  3. Using your mobile device, scan the QR code displaying in the Manual Authentication window.

    Result:

    You receive an Authentication Code.

    A screen capture of the Authentication Code

  4. Enter the Authentication Code into the Manual Authentication window. Click Sign In.

Result

You are signed on to your Windows machine.A screen capture of the home page of a Windows machine.