Manage Authenticators
Introduction
Your users can use IdentifyMe to register or reset multi-factor authentication methods, and enable Biometric login as the first factor. To use these features, you need to go to Safewhere Admin > Settings > System to enable them.
After that, you need to specify what OTP connections can show up on IdentifyMe for your users to use. You need to enable the settings in the red rectangle boxes on the Edit OTP connection page:
T-OTP authenticators
You can find the T-OTP authenticators card on the homepage:
The T-OTP authenticators page is where your users can manage their T-OTP authenticators such as Microsoft authentication, Google authenticator, Authy.
Register TOTP authenticator
You can register a T-OTP authenticator by clicking on the Register button:
The following example assumes that you have had an Authenticator app installed:
Click on the I have already set it up button:
Scan and enter the code to continue:
Safely save the recovery code:
After you have registered an T-OTP authenticator successfully:
Reset T-OTP authenticator
You can reset your authenticators by clicking on the Reset button.
The T-OTP authenticator is then reset and you can re-register it.
WebAuthn authenticators
You can find the WebAuthn authenticators card on the homepage:
The WebAuthn authenticators page is where your users can manage their WebAuthn authenticators such as Windows Hello, biometrics, FIDO2 keys.
Register WebAuthn authenticator
You can register a WebAuthn authenticator by clicking on the Register button:
The following example assumes that you have WebAuthn software ready:
Click on the I have already set it up button:
Click on the Register button then complete the registration on your device:
Safely save the recovery code:
After you have registered an T-OTP authenticator successfully:
Reset WebAuthn authenticator
You can reset your authenticators by clicking on the Reset button.
The WebAuthn authenticator is reset and you can re-register it:
