The PingID RADIUS PCV with EAP-MSCHAPv2 only works in no-challenge mode. Your users can enter a one time passcode (OTP) with their username when signing on in no-challenge mode.
The following authentication methods are supported for this mode.
User experience:
- If a mobile App user wants to authenticate using swipe or RADomS client username field.enter the OTP in the RADIUS client username field.
- When using a Desktop app or YubiKey, or if the user’s mobile App is offline,
then the user should add a comma after their username and then the OTP.
For example, user John can enter the OTP 123456 as John,123456.
- If the user is registered with multiple devices supported by this mode, an OTP generated by any one of those devices will authenticate the user.
- This mode does not support on-the-fly registration.
To configure the NPS to enable users to enter an OTP together with their username: