7.20 FIDO U2F

The FIDO U2F authentication method facilitates you connect the FIDO U2F compliant token to the computer or laptop and touch the flashing token for authentication. When you try to authenticate on any device, token connected to the device is compared with the actual device. If the device details match, you are authenticated successfully.

NOTE:You must install the Advanced Authentication Device Service for all browsers except Google Chrome. It contains a built-in module.

To authenticate using the FIDO U2F method, perform the following steps:

  1. Ensure that the FIDO U2F token is connected to the workstation.

    A message Please touch the flashing U2F device now is displayed.

  2. Touch button on the token when there is a flash.

    If the token matches with the enrolled U2F token, the FIDO U2F authentication is successful.

    If there is no flash, wait for few seconds. If there is no flash for more than a minute then try to reconnect your token and repeat the steps.

The following table describes the possible error messages along with the workaround for the FIDO U2F authentication.

Table 7-11 FIDO U2F authenticator - error messages

Error

Possible Cause and Workaround

Wrong token. Try another one

The token that you have connected is incorrect.

Try to authenticate with another token or re-enroll the authenticator in Self-Service portal or contact your helpdesk administrator.

Connect a token

The token is not connected properly.

Try to connect it to a different USB slot and authenticate again.

<Your user name> has no authenticator for U2F

You have not enrolled for U2F method.

You must enroll the authenticator in the Self-Service portal or contact your helpdesk administrator.