Examples of FIDO2 Authentication Setup Flows
This section shows an example of FIDO2 authentication setup flows.
[ Reference ]
This setup flow example assumes the following configuration.
You can change the actual configuration sequence in accordance with your environment.
- On the login screen, set the time period in which users can register security keys.
- Provide guidance to users so that security keys will be registered during this period. After this period elapses, prevent users from registering their security keys at the login screen.
- Preventing the registration of security keys at the login screen helps to stop attackers that have obtained user ID and password information from registering security keys and gaining unauthorized access.
1. Setting up FIDO2 Authentication | |
---|---|
1.1 Changing FIDO2 Authentication Settings | |
1.2 Enabling Multi-factor Authentication as the User Login Rule Configure the login policy as follows.
| |
2. Registering Security Keys | |
2.1 Registering Security Keys by Users (Registering Security Keys) | |
2.2 Registering Security Keys by Administrators (Registering FIDO2 Security Keys) | |
3. Changing Login Policies | |
3.1 Enabling Multi-factor Authentication as the User Login Rule Configure the login policy as follows.
|