...
First, administrators need to seed SafePass USB keys with TOTP tokens, then upload the token seeds onto the Azure MFA server. As the SafePass USB key does not have the display function, user will use the SafePass application to display OTP generated by the SafePass USB key.
Seeding SafePass USB Keys
To program and seed SafePass keys, you need to use the SafePass admin tool.
Include Page | ||
---|---|---|
|
|
Click the link above to download it and save it in a folder on your hard drive.
Follow the steps below to seed a SafePass key.
- Insert a SafePass USB key into a PC
- Launch the SafePass Admin tool
3. On the option "Mode", tick both "Keyboard" and "U2F", and press "Apply" button, then press the button on the key to accept the apply action.
4. On the option "Key Press", select either "Enabled" or "Disabled", and press "Apply" button to save it.
If Key Press is enabled, then the user will have to press the key button to generate a OTP.
If the Key Press is disabled, then the OTP will be displayed without pressing the key button
5. Press "New Token" button
6. On the option "Algorithm", select "TOTP"
7. On the option "Hash", select "SHA-1"
8. On the option "Digits", select "6"
9. Press the "Generate" button to generate a radom Serial Number and Seed data
You can overwrite the Serial Number if you wish with your own number
10. In the "Username" field, enter the user's UPN
11. Finally, press "Save" button to save the token into the USB key
To continue program more USB keys, insert a new key and repeat the Step 9 to 11.
|
Uploading Seed File to Azure MFA
...