Examples of FIDO2 Authentication Setup Flows
This section shows an example of FIDO2 authentication setup flows.
[ Reference ]
This setup flow example assumes the following configuration.
You can change the actual configuration sequence in accordance with your environment.
- On the login screen, set the time period in which users can register security keys.
- Provide guidance to users so that security keys will be registered during this period. After this period elapses, prevent users from registering their security keys at the login screen.
- Preventing the registration of security keys at the login screen helps to stop attackers that have obtained user ID and password information from registering security keys and gaining unauthorized access.
| 1. Setting up FIDO2 Authentication | |
|---|---|
| 1.1 Changing FIDO2 Authentication Settings | |
1.2 Enabling Multi-factor Authentication as the User Login Rule Configure the login policy as follows.
| |
| 2. Registering Security Keys | |
| 2.1 Registering Security Keys by Users (Registering Security Keys) | |
| 2.2 Registering Security Keys by Administrators (Registering FIDO2 Security Keys) | |
| 3. Changing Login Policies | |
3.1 Enabling Multi-factor Authentication as the User Login Rule Configure the login policy as follows.
| |