FIDO2 and U2F Authentication Guide
FIDO2 and FIDO U2F authentication within IPI Authentication Service
Last updated
FIDO2 and FIDO U2F authentication within IPI Authentication Service
Last updated
IPI Key supports two authentication standards developed by the FIDO Alliance: FIDO U2F and FIDO2.
The PIN code created for Secure Device for Windows (FIDO) may differ from the PIN code in IPI Client.
Windows uses another technology to securely store, transfer, and verify the PIN code.
Select Start > Windows Settings > Account > Sign-in options > Security Key > Manage
After clicking on the Manage button, the IPI Key will require confirmation of this operation with a short press on the button. If you don’t confirm it in 20 seconds, Windows reports the problem and restarts the operation. Video
When the message “Take action on your Bluetooth security key” appears, confirm it with a short press on the IPI Key button. A "Windows Hello setup" window appears with the menu "Add Security Key PIN" and "Reset Security Key". Video
Select “Add PIN to Security Key” and enter the same PIN code containing 4 to 32 digits twice.
Go to the “Windows Hello setup” section and select “Change Security Key PIN” to change the PIN code. Next, you need to type your old PIN followed by a new one (twice) and click “OK”.
Enter the “Windows Hello setup” section and select “Reset Security Key” and then “Proceed” to remove the PIN code and FIDO data.
Each time the message “Take action on your Bluetooth security key” appears, confirm it with a short press. This action must be confirmed twice. Video
The success of the operation is signaled by the message “Reset Complete”. After that, all data associated with FIDO (PIN, accounts, resident key) will be removed.
To set up two-factor authentication using FIDO U2F in Gmail, Facebook, Twitter and/or a host of other services, no additional software is needed. Please, follow the instructions of U2F-supporting services to use IPI Key as your second factor. Here are some of them:
Password managerrs and identity management platforms:
Please follow the instructions of services that support the FIDO2/WebAuthn passwordless sign-in to use the IPI Key instead of your password:
