You can use a FIDO2 security key for secure authentication with PingID. To set up your security key for secure authentication with PingID, you need to register or 'pair' it with your account.
Pairing creates a trust between the security key and your account, so you can use it to authenticate during the sign-on process.
After you have paired your account successfully, you can use a security key to access your account using a Web browser or to access a Windows login machine. If you do not have internet access or a network connection when accessing through Windows login, if you have authenticated successfully online at least once, you can also use a security key to authenticate manually when offline.
Pairing your security key
Register or 'pair' your security key so that you can use it to authenticate with PingID.
- Ensure you are using a browser that supports the use of a security key, such as Google Chrome or Firefox, and that you have the latest version of the browser.
- If you are pairing the security key using a mobile device, the mobile device must be
- Android devices: Android 7 or later
- iOS devices: iOS 13.3 or later
- If your security key uses biometrics, such as your fingerprint to authenticate, set it up according to the security key manufacturer's guidelines.
- If you are using a virtual machine (VM) to connect to your accessing device and want to pair your security key, ensure your VM is configured to recognize a USB device.
After you have paired your device, and authenticated successfully, you can also use it to authenticate for Windows login, if required.
Sign on to your account or app and when you see the registration window, click
You'll see the Add a New Device window, showing the security key icon.
In the Add a New Device window, click Security
Tap Authenticate using Face ID, even if your device only supports fingerprint authentication. You will be able to authenticate using your fingerprint.
A window appears and prompts you to authenticate with your security key.
Use your security key to authenticate.
- Make sure the Alternative Authentication browser window is the active window.
- If you see a message asking if you permit your device to communicate with the security key, select Allow or Yes to continue. The message might vary depending on your browser.
A green Authenticated message with a check mark appears, indicating your device has been paired successfully, and you are automatically signed into your account or app.
The next time you sign on to your account or application, follow the prompt to
authenticate using your biometrics device.
For more information, see Authenticating with PingID using a security key.