PingID End User Guide

Using a hardware token (OTP) for authentication with PingID

You can use your hardware token to get a one-time passcode (OTP) that you can use for secure authentication with PingID. To set up your hardware token, you need to register or 'pair' it with your account.

Pairing creates a trust between the hardware token and your account so that you can use it to authenticate during the sign on process.

You can use a hardware token to access your account using a Web browser, to access your company’s VPN, or to access a Windows login or Mac login machine.

  • Web or Mac

  • VPN

  • Windows login

Pairing your hardware token (web)

Register or 'pair' your hardware token so that you can generate a one-time passcode (OTP) and use it to authenticate securely with PingID when accessing your account or app from a web browser.

About this task

After you have paired your device and authenticated successfully, you can also use it to authenticate for Windows login or Mac login, if required.

Steps

  1. Sign on to your account or app and when you see the registration window, click Start.

    A screen capture of the Registration window showing the Start button.

    You’ll see the Add a New Device window, showing the QR code.

    A screen capture of the Add New Device window showing device options available for you to add.

  2. In the Add a New Device window, click Hardware Token.

    A screen capture of the Add a New Device window displaying the Pairing Code.

    Result:

    The Hardware Token Pairing window displays.

    A screen capture of the Hardware Token window requesting the entry in the serial number field.

  3. Enter your token serial number. Click Next.

    The serial number is usually printed on the back of your token.

    Result:

    The Verification window displays.

    A screen capture of the Verification window.

    You might see the Final Step window. It indicates that you token needs to be resynchronized, if so, follow the instructions and then click Sync.

    Screen capture of the Final step window asking you to press the button on your token to get a new passcode and to enter it into the field in the Final step window.

  4. Enter the passcode from your hardware token. Click Verify.

    Result:

    A green check mark appears, indicating your device is paired successfully. You are automatically signed on to your account or app.

  5. The next time you sign on to your account or application, you need to authenticate using your hardware token.

    For more information, see Authenticating using a hardware token (Web).

Pairing your hardware token (VPN)

Register or 'pair' your hardware token so that you can generate a one-time passcode (OTP) and use it to authenticate securely with PingID when accessing your VPN.

Steps

  1. From your web browser or app, sign on to your VPN and enter your username and password.

  2. You will be asked to choose between several pairing devices. Enter other.

  3. Click Sign in.

  4. In the next text entry field, enter token followed by a space and then the serial number of your hardware token. (The serial number is usually printed on the back of the token. For example, token 12345678.)

  5. In the OTP text entry field, enter the passcode on your hardware token.

  6. Click Sign in.

    Result:

    Your hardware token is paired and authentication completed. You are signed into your VPN.

Pairing your hardware token (Windows login)

Register or 'pair' your hardware token so that you can generate a one-time passcode (OTP) and use it to authenticate securely with PingID when accessing your Windows login machine.

Steps

  1. Sign on to your Windows machine.

    A screen capture of the Windows login page.

    Result:

    The PingID registration window displays.

    A screen capture showing the registration window.

    Until you successfully complete the registration process, you cannot minimize the PingID registration window. If you close the window, you are automatically redirected back to the Windows login window.

  2. Click I want to use a different authentication method.

  3. In the Alternative Authentication window, in the Authentication Preference section, click Authentication using a hardware token. Click Next.

A screen capture of the Alternative Authentication window.

+

Result:

+ The Hardware Token Pairing window appears requesting the Serial number of your token.

+ image::mbn1564021291180.png[alt="A screen capture of the Hardware Token Pairing window."]

  1. In the Serial number field, enter your token serial number. Click Next.

    The serial number is usually printed on the back of your token.

    Result:

    A screen capture of the Hardware Token Verification Enter Your Passcode window.

    The OTP entry window is displayed

  2. Enter the OTP from your token. Click Verify.

A screen capture of the Windows home desktop page.

+

Result:

+ You are signed on to your Windows machine.

  1. The next time you sign on to your Windows machine:

    1. You receive a OTP through your hardware token.

    2. Enter the hardware token OTP in the Hardware Token Verification window.

    3. Click Sign On to authenticate and sign on.