Page History

The user page contains the information on the quantity of registered user authenticators and their parameters.

Authenticator registration

1. Select the required authenticator.
2. Click the gearwheel icon.
3. Click

1. “Register”.Image Added

2. Enter the data for enrollment of selected authenticator and click

1. “Save”.

1. Note
   Windows and actions required for enrollment vary for different authenticators.

   Image Added

2. If registered successfully, the authenticator is displayed as registered.Image Added

1. “Unavailable” icon is displayed in the right part of the authenticator panel if provider with registered authenticators is removed.Image Added
2. Email and SMS providers are registered automatically if the user has e-mail address or phone number defined, respectively.
   1. If the user does not have e-mail address defined after installation of E-mail provider, then the authenticator is not used.

1. 1. “@” icon is displayed in the right part of the authenticator panel.Image Added
   2. If the user does not have phone number defined after installation of SMS provider, then the authenticator is not used.

1. 1. “Receiver” icon is displayed in the right part of the authenticator panel.Image Added

Authenticator deactivation

1. Select the required authenticator.
2. Click the gearwheel icon.
3. Select

1. “Disable”.Image Added
2. If authenticator is deactivated, the user cannot use the corresponding authentication method. Deactivated authenticator is marked with red

1. “Prohibited” icon.Image Added

Automatic lock and unlock of authenticators

To configure authenticator lock, open "Login method

lock” policy (Computer configuration/Policies/Administrative templates/Indeed ID/Server).

The policy applies to Indeed servers. It allows to configure automatic lock / unlock of authenticators.

Not Configured or Disabled

If the policy is not configured or disabled, then authenticators are not locked.

Enabled

Authenticator lock / unlock is performed according to the policy parameters.

Parameters:

• Number of authentication attempts until lock.

The setting specifies the number of unsuccessful authentication attempts until the login method is blocked. The blocked method becomes unavailable until unlocked by administrator or until unlocking timeout expires. If this value is set to 0, then the login method is never blocked.

• Unlock timeout of login method.

The setting specifies the timeout period in minutes the login method is blocked for. When this period expires, the login method is unlocked automatically. If timeout value is set to 0 for a login method, then the method remains locked until unlocked explicitly by administrator.

• Reset locking counter in

The parameter defines the number of minutes that must pass after unsuccessful login attempt before the locking counter is reset to 0. The admissible value range is from 1 to 99,999 minutes. If the number of authentication attempts until blocking is defined, then this reset interval must not exceed the value of "Login method unlocking timeout” parameter.Image Added

If the authenticator has been locked via group policy, then

“Lock” icon is displayed in the right part of the authenticator panel.Image Added

To unlock, proceed as follows:

1. Select the required authenticator.
2. Click the gearwheel icon.
3. Select

1. “Unlock”.

Authenticator modification and removal

1. Select the required authenticator.
2. Click the gearwheel icon.
   1. Authenticator modification
      • Select

1. 1. • “Reenroll” to modify the authenticator.Image Added
      • Enter the new data for the authenticator and click

1. 1. • “Save”. Image Added
   2. Authenticator removal
      • Select

1. 1. • “Delete” to remove the authenticator.Image Added
      • Click

1. 1. • “Delete” in confirmation window.

1. 1. • Image Added