FIDO2
Sectona PAM integrates with Fast Identity Online (FIDO2) for multi-factor authentication. FIDO2 provides hardware tokens. FIDO2 tokens enable users to quickly and securely access any website or online service that supports the FIDO2 protocol using a single device. To authenticate, a user simply inserts a USB token into any port. Then, the user presses the token button and enters his or her password or PIN.
Before you begin
Make sure the user has hardware device that generates tokens.
Configuring FIDO2 with Sectona
To configure FIDO2 on Sectona, follow the below steps:
Login to PAM as an administrator.
Go to Platform Configuration under the Authentication column and click on Multifactor Authentication → FIDO2.
Click on Active to activate the configuration.
Click on Save and FIDO2 MFA will be enabled.
For enabling FIDO2 MFA for users, the administrator will need to assign User Logon Policy with MFA Type as FIDO2. For more information, refer to Setting up user logon policy.