Integrating PingID with Windows login (passwordless)
Windows Login - Passwordless makes it possible for users to log-in to their Windows computer without a password, using just the PingID mobile app (version 1.15 or higher) or a FIDO2 security key.
A number of points to take into account before setting up Windows Login - Passwordless:
-
For users to use the passwordless login, they must already have a device that has been paired for PingID.
-
Windows Login - Passwordless includes support for Run as Admin.
-
Windows Login - Passwordless includes support for remote desktop (RDP). If you plan on using RDP, you must install Windows Login - Passwordless on both the accessing client and the remote computer.
Basic steps for setting up Windows Login - Passwordless
These are the main steps the administrator must carry out to set up the PingID integration with passwordless Windows login:
-
Create a new environment in PingOne and connect it to your existing PingID account.
-
Configure identity store provisioners.
-
Create an "issuance" certificate in PingOne.
-
Create an authentication policy in PingOne.
-
Create and configure a passwordless Windows login application in PingOne.
-
Generate a KDC certificate (if necessary).
-
Install the Windows Login - Passwordless integration software on the individual Windows client computers.