If users want to use FIDO U2F key as two-factor authentication token to login to an application, the system administrator has to first enable the application with "FIDO U2F" authentication method, then users would be able to register their FIDO U2F keys to their user accounts.
Enable FIDO U2F Authentication Method
To enable an application with FIDO authentication method, follow the steps below:
- Login into the DualShield Management Console.
- Select the logon procedure associated with the application, e.g. Self-Service Console
- Right click "Logon Steps", and add the authenticator "FIDO U2F"
(Please Note: Once an application is enabled with FIDO U2F authentication, all users in the application are required to use FIDO to login to their user accounts.)
Register a FIDO Key
To use a FIDO key to log into their user accounts, user must register the FIDO key into their accounts. In this section, we take a web application: Self-Service Console as an example.
- Launch the web browser, and navigate to the application URL. Enter your username, you will see the screen as below:
(Please note: Currently, only Google Chrome browser supports the FIDO authentication method.) - Insert a FIDO key into a USB port, if necessary, you will be asked to activate your token.
- Enter the "Activation Code" that you have receive via E-mail or SMS text message.
- Once your token has been activated, it is ready for authentication.