PingID End User Guide

Authenticating using your Android (Windows login)

You can authenticate to Windows login with your Android device in a variety of ways.

Use any of the following options:

If your organization allows you to authenticate using more than one device type, you can also add a device and decide which device you want to use as your primary (default) authentication method. For more information, see Managing your devices.

The options available to you are defined by your organization’s policy.

Using swipe authentication for Android (Windows login)

If you have the PingID app running on your mobile device and your organization is using swipe authentication, sign on to your Windows desktop or laptop machine using swipe to authenticate.

Before you begin

Pair your device with PingID mobile app to enable authentication. For more information, see (legacy) Pairing PingID mobile app for Android (using a QR code or pairing code) or Adding and reordering devices.

About this task

The authentication process might vary slightly depending on the Android version and the notification settings on your device. Some Android versions might give you the option to approve the push notification from the lock screen.

Steps

  1. Sign on to your Windows laptop or desktop machine.

    Choose from:

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

      Windows Login sign on window

      Result:

      The Authenticating on…​ window appears, and an authentication notification request is sent to your mobile device.

      A screen capture of the Authenticating On…​ window.

      If configured by your organization, you’ll see a map on the notification screen, showing the location, device type, and browser used by the device attempting to accessing your account or app. This can help you identify a fraudulent authentication attempt.
  2. Accept the authentication notification, depending on your mobile’s notification settings:

    Choose from:

    • If you see the notification screen appears, slide the notification down until you see the option to approve or deny the request, and then tap Approve.

      A screen capture of the notification screen including a map showing the location, device type, and browser used by the accessing device, and the option to Approve or Deny the authentication request.
      For Android version 10 and higher, you must unlock your device to authenticate.
    • If PingID mobile app opens showing the swipe screen, swipe up to authenticate.

      A screen capture of the swipe authentication screen on a mobile device

      When opening PingID mobile app, update your location permissions to Allow all the time, if prompted to do so.

      Result:

      You’ll see the green checkmark on your mobile indicating your access is approved, and PingID closes.

      A screen capture of the green Authenticated message with a check mark indicating successful authentication and your access is approved.

Result

You are signed on to your Windows machine.

A screen capture of the Windows sign on home desktop page.

Using biometrics authentication for Android (Windows login)

Use your Android mobile device to scan your biometrics to authenticate and verify your identity.

Before you begin

Register your biometrics on your device and then pair your device in order to authenticate using your biometrics. For more information, see (legacy) Pairing PingID mobile app for Android (using a QR code or pairing code).

About this task

Authentication might vary depending on your phone model, phone settings, and whether your device is locked or unlocked when the authentication request is sent.

The following animation shows an example of a passwordless authentication flow using biometrics.

You might need to enter your password, depending on your organization’s configuration.

Animation showing online authentication flow

Biometrics authentication is only available if the option is enabled by your organization.

The authentication process might vary slightly depending on the Android version and the notification settings on your device. The images shown here relate to a Samsung device. Actual implementation might vary according to device model.

Steps

  1. Sign on to your Windows laptop or desktop machine.

    Choose from:

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

      Windows Login sign on window

      Result:

      The Authenticating window appears, and an authentication notification request is sent to your device.

      A screen capture of the Authenticating On…​ window.
      If configured by your organization, you’ll see a map on the notification screen, showing the location, device type, and browser used by the device attempting to accessing your account or app. This can help you identify a fraudulent authentication attempt.
  2. Accept the authentication notification, depending on your mobile’s notification settings:

    Choose from:

    • If you see the notification screen appears, slide the notification down until you see the option to approve or deny the request, and then tap Approve.

      A screen capture of the notification screen including a map showing the location, device type, and browser used by the accessing device, and the option to Approve or Deny the authentication request.
      For Android version 10 and higher, you must unlock your device to authenticate.
    • If PingID mobile app opens, authenticate using your biometrics.

      screen capture of the biometrics authentication screen on a mobile device

      When opening PingID mobile app, update your location permissions to Allow all the time, if prompted to do so.

      Result:

      You’ll see the green checkmark on your mobile indicating your access is approved, and PingID closes.

      A screen capture of the green Authenticated message with a check mark indicating successful authentication and your access is approved.

      You are automatically signed on to your Windows machine.

      A screen capture of a user’s Windows desktop home page.

Authenticating using a one-time passcode (Windows login)

One of the authentication methods that administrators can allow is the use of a generated one-time passcode (OTP).

Before you begin

Pair your device with PingID mobile app to enable authentication. For more information, see (legacy) Pairing PingID mobile app for Android (using a QR code or pairing code) or Adding and reordering devices.

Steps

  1. Sign on to your Windows laptop or desktop machine.

    Choose from:

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

      Windows Login sign on window

      Result:

      The Authenticating on…​ window appears. This is where you will enter the OTP after it has been generated in the app.

      A screen capture of the OTP window, showing the 6 cells in which you enter the OTP after it’s generated in PingID mobile app

  2. On the device you use for MFA, open the PingID app, and get the one-time passcode that is displayed.

    A screen capture of the one-time passocde displayed in the PingID mobile app.

    • When opening PingID mobile app, update your location permissions to Allow all the time, if prompted to do so.

    • The one-time passcode refreshes each time you open the PingID app. If you need to generate a new one-time passcode, tap New Passcode.

  3. Return to the Authentication window on your Windows computer, enter the passcode, and click Sign In.

    Result:

    MFA is complete, and you are signed on to your Windows computer.

    A screen capture of the Windows sign on home desktop page.

Authenticating using your Android watch (Windows Login)

You can authenticate with PingID mobile app using your Android watch.

About this task

Some Android models automatically allow you to authenticate using your Android watch. If the PingID mobile app is installed on your phone, and if your Android watch model and configuration are compatible with the PingID mobile app, you’ll automatically start receiving push notifications to your Android watch when your phone is locked.

The ability to authenticate using an Android watch varies according to Android model and configuration.

Steps

  1. If your Android device and configuration supports the use of Android watch for notifications, when your phone is locked, you will receive a notification to your watch automatically.

    Image showing an authentication request notification on an Android watch.
  2. Swipe to authenticate.

Authenticating manually with the PingID mobile app (Windows Login)

If you sign on to your Windows laptop or desktop machine without having a network connection, such as airplane mode or without Wi-Fi connection, you can authenticate manually using the PingID mobile app.

Before you begin

To authenticate manually with PingID you must first pair your device with PingID and authenticate online at least once. For more information see (legacy) Pairing PingID mobile app for Android (using a QR code or pairing code) or Adding and reordering devices.

About this task

The process to authenticate manually is different than the way you usually sign on.oxv1631177412403

To authenticate manually:

  • PingID mobile app must be installed on your device, paired with your account. Minimum requirements for manual authentication is PingID mobile app 1.18. For windows passwordless authentication, PingID mobile app 2.15 or later is required.

  • You need to successfully authenticate to the specific Windows machine you are trying to access online at least one time before you can authenticate manually.

  • Your device must have a working camera, with the PingID Mobile app camera permissions set to Approve. For more information, see PingID mobile app management (legacy).

Steps

  1. Sign on to your Windows laptop or desktop machine.

    • If your organization has eliminated passwords: Under Sign-in options, click the PingID icon, and then click the arrow.

    • If your organization requires a username and password: Under Sign-in options, click the key icon and enter your username and password and then click the arrow key.

      Windows Login sign on window

      Result:

      A Manual Authentication message appears, displaying a QR code requesting that you authenticate manually.

      A screen capture of the Manual Authentication window requesting you to enter the Authentication Code

      If you have more than one mobile device paired with your account, you’ll need to select the device you want to use to authenticate before the Manual Authentication message appears.
  2. On your mobile device, open the PingID mobile app:

    1. Tap the Gear icon ()

    2. Select Manual Auth.

    3. Authenticate using your device biometrics, if required.

      Result:

      The QR code scanner for manual authentication opens.

      A screen capture of the QR code scanner in the PingID mobile app.

  3. Using your mobile device, scan the QR code displaying in the Manual Authentication window.

    Result:

    You receive an Authentication Code.

  4. Enter the Authentication Code into the Manual Authentication window. Click Sign In.

    Result

    You are signed on to your Windows machine.A screen capture of the home page of a Windows machine.