Configuring the PingID desktop app PIN
As an extra layer of security, you can require users to enter a 4 or 6-digit PIN code to access the PingID desktop app.
About this task
If you enable the PingID desktop app security PIN:
-
Users are prompted to create a PIN code when they pair the desktop app. The PIN code must include at least 3 or 4 different digits for PIN lengths of 4 and 6 digits, respectively. Digits must not be in ascending or descending sequence, such as 1234 or 4321.
-
Users are prompted to enter the PIN code each time they launch the PingID desktop app.
-
The PingID desktop app is locked after 3 minutes of inactivity, and the user must enter the PIN to unlock it.
-
In the event of three consecutive incorrect PIN entries, the user is blocked from accessing the app for 2 minutes. This applies to both the PIN entry and the PIN change windows. Lockdown takes effect from the time of the lock, no matter if the PingID desktop app remains open or is closed and relaunched.
-
The PingID desktop app must be online for a user to pair the app. However, a user who is offline can still create a PIN, enter the PIN to access the desktop app, or change their PIN.
-
The desktop app must be online for a change in PIN configuration to take effect, such as enabling or disabling the PIN or changing its length.
-
If a user pairs the desktop app to more than one organization, the user must create only one PIN, according to the most restrictive organization requirements. For example:
-
If only one organization has enabled the Desktop Security PIN feature, the user is required to enter their PIN to use the desktop app for authentication to all organizations, including those which do not require the PIN.
-
If one organization requires a 4-Digit PIN and a second organization requires a 6-Digit, the user will be required to enter a 6-digit PIN.
-
-
If the PIN code is already enabled, and the administrator changes the length of the PIN code required, users must first enter the app using the old PIN and then create a new PIN of the new length.
Steps
-
Go to Applications > Applications.
-
In the Applications list, select PingID Desktop.
-
On the Configuration tab, click the Pencil icon and then select the Require desktop app security PIN checkbox.
-
In the Desktop Security PIN section, click either 4-Digit or 6-Digit to indicate the PIN length.
-
Click Save.
Result:
If an administrator edits the PingID desktop configuration to require a PIN code, changes are implemented at the user level according to the PingID version and the user flow.
-
Users installing the PingID desktop app for the first time are prompted to create a PIN at the end of the desktop app pairing flow.
-
Users with the PingID desktop app 1.4 or later already paired are prompted to define a PIN code the next time they open the PingID desktop app while online.
-
Next steps
Add the MFA policy to the MFA step in the relevant Authentication policy. Learn more in Adding a multi-factor authentication or PingID step.