10.22 FIDO U2F

This authentication method lets you connect a FIDO U2F compliant token to the computer or laptop and touch the flashing token to authenticate. When you try to authenticate on any device, the token connected to the device is compared with the enrolled token. If the token details match, you are authenticated successfully.

HINT: To use the FIDO U2F method for authentication, you must install the Advanced Authentication Device Service. For more information about the Device Service, see the Advanced Authentication - Device Service guide.

To authenticate with the FIDO U2F method, perform the following steps:

  1. Ensure that the FIDO U2F token is connected to your workstation.

     The message "Please touch the flashing U2F device now" is displayed.

  2. The token blinks. Touch the token’s button. If the token does not blink, reconnect your token.

NOTE: An administrator can configure an automatic session lock or log off on the U2F event. When a user returns to the workstation, the user needs to insert the U2F device into the computer and unlock the workstation.

The following table describes the possible error messages and their workarounds for FIDO U2F authentication.

Table 10-12 FIDO U2F authenticator - error messages

| Error | Possible Cause and Workaround |
|---|---|
| Wrong token. Try another one | The token is incorrect. Repeat with another token, or re-enroll the authenticator in the Self-Service portal, or contact the helpdesk administrator. |
| Connect a token | Ensure that the token is connected to the workstation. |
| <Your user name> has no authenticator for U2F | You have not enrolled for the FIDO U2F authenticator. You must enroll the authenticator in the Self-Service portal or contact your helpdesk administrator. |
| The token's counter is out of sync | Ensure the server is available. |