To use Two-factor Authentication, a Trusted certificate must be installed on the server or client machines purchased from the Certificate Authority. If not, the Enforce key checkbox will be grayed out and will not let the user enable the feature. Once the Enforce key is enabled, click Save Changes and log out from the web client.
Setting up a FIDO key involves several steps to ensure its security and functionality.
Once the prerequisites are in place, all users can add FIDO keys to themselves, but only Administrators will need to be able to Enforce the Two-factor feature for all system operators in Settings → Security Settings → Enforce Two-factor Authentication (IDENTIV uTrust FIDO2).
This setting will put in place the registered of a FIDO key to all Operators the next time they log in to the system.
Below are the detailed steps to set up a FIDO key:
In the login screen click the login button.
A Two-factor Authentication screen will pop-up. Click Add Key for Authentication.
Choose Security Key from the choices.
Insert the FIDO key into your computer's USB port and click OK to continue the Security Key setup.
The system will read the make and model of your Security key, Click OK.
Enter the PIN for the Security Key and Click OK.
Once it flashes an orange light, touch the biometric in the Security Key.
Now, the Passkey is saved in the system. Click OK
Enter the name you prefer to use for this key for future reference.
Now click login, and it will show a screen, as shown below. The Operator should touch the FIDO key connected to the system. It will verify and login to the Web Client.