Authenticating with PingID using a hardware token - PingID

PingID End User Guide

bundle
pingid-user-guide
ft:publication_title
PingID End User Guide
Product_Version_ce
PingID
category
ContentType
Product
Productdocumentation
pingid
ContentType_ce
Product documentation

Use a one-time passcode (OTP)one-time passcode (OTP)OTP A passcode valid for only one sign on or transaction on a computer system or other digital device. Also known as a one-time password, one-time PIN, or dynamic password. from your hardware token to authenticate securely with PingID.

If your organization allows it, you can use a hardware token to access your account using a web browser, to access your company's VPN, or to access a Windows login or Mac login machine.

Authenticating using a hardware token (Web)

Use a OTPone-time passcode (OTP)OTP A passcode valid for only one sign on or transaction on a computer system or other digital device. Also known as a one-time password, one-time PIN, or dynamic password. from your hardware token to authenticate securely with PingID when accessing your account or app through a web browser.

  1. Sign on to your account or access an application that requires authentication.

    The Authentication window appears requesting your passcode.

    A screen capture of the Authentication window requesting a passcode from your hardware token.
  2. Enter the OTP from your hardware token. Click Verify.

    A green check mark appears, indicating your successful authentication and access. You are automatically signed on to your application.


    A screen capture of the successful authentication window displaying a green check mark and the Authenticated message.
    Note:

    If you did not get the green check mark, your hardware token might be out of sync. You see a further authentication window.


    A screen capture of the Authentication window final step

    Enter the OTP from your hardware token. Click Sign On. You should see the green check mark shown above.

Authenticating using a hardware token (VPN)

Use a OTPone-time passcode (OTP)OTP A passcode valid for only one sign on or transaction on a computer system or other digital device. Also known as a one-time password, one-time PIN, or dynamic password. from your hardware token to authenticate securely with PingID when accessing your VPN.

  1. From your web browser or app, sign on to your VPN with your username and password.

    You are offered a text entry field for an OTP.

  2. In the text entry field, enter the OTP displayed on your hardware token to authenticate to your VPN.
  3. Click Sign in.

    After you are authenticated, you are signed on to your VPN.

Authenticating using a hardware token (Windows login)

Use a OTPone-time passcode (OTP)OTP A passcode valid for only one sign on or transaction on a computer system or other digital device. Also known as a one-time password, one-time PIN, or dynamic password. from your hardware token to authenticate securely with PingID when accessing your Windows machine.

  1. Sign on to your Windows machine.

    The Authentication window appears requesting the OTP displayed on your hardware token.


    A screen capture of the Authentication window requesting the OTP displayed on the hardware token.
  2. Enter the OTP from your hardware token. Click Verify.

The green Authenticated message with a check mark appears, indicating authentication is successful and your access is approved. After a few moments, you are signed on to Windows.


A screen capture of the green Authenticated message with a check mark indicating successful authentication.
Note:

If you did not get the green check mark, your hardware token might be out of sync. You will see a further authentication window.


A screen capture of the Authentication window final step.

Enter the OTP from your hardware token. Click Sign On. You should see the green check mark shown above.

Authenticating using a hardware token (Mac login)

Use a OTPone-time passcode (OTP)OTP A passcode valid for only one sign on or transaction on a computer system or other digital device. Also known as a one-time password, one-time PIN, or dynamic password. from your hardware token to authenticate securely with PingID when accessing your Mac machine.

Make sure:

  1. Sign on to your Mac machine.

    You'll see the Authenticating window, prompting you to enter a passcode.


    A screen capture of the Authentication window showing the passcode field.
  2. Generate an OTP using your hardware token.
  3. In the Authentication window, enter the OTP and click Verify.

    The green check mark indicates authentication is successful and your access is approved.


    A screen capture showing the green Authenticated success window.
    Note:

    If you did not get the green check mark, your hardware token might be out of sync. You will see a further authentication window.


    A screen capture of the Authentication window final step

    Enter the OTP from your hardware token. Click Sign On. You should see the green check mark shown above.

You're signed on to your Mac machine.


A screen capture of the Mac login desktop following successful sign-on.

Resynchronizing a hardware token

Hardware tokens need to maintain time synchronization.

To resync your token if you receive an error:

  1. Access the Devices page, do one of the following.
    • During authentication: When the Authentication screen opens, click Settings.
      Note:

      To resync an out-of-sync hardware token, you must first authenticate using an alternative method, such as email. That is the situation assumed in the example below.

    • From your organization dock: Click the Account icon () and then click Devices.
    • From a link provided by your IT department.

    The Devices page opens, showing the devices you currently have paired with your account. The primary device is shown in green.


    A screen capture of the My Devices page with a primary device enabled.

    Click the Expand icon () to view details of a device.


    A screen capture of the My Devices page with the details expanded for a device.
  2. Click the Resync Token option.

    The Hardware token sync window is displayed:


    A screen capture of the Hardware token sync page where the end user enters the passcode.
  3. Enter the passcode displayed on the token.

    The Final step window is displayed.


    A screen capture of the Final step window where the end users enters a new passcode.
  4. Wait for a new passcode on your token and enter it.
  5. Click Sync to complete the resync.

    Your token is now resynced and should be available for authentications.