Cache logon settings
This section describes the operation to configure whether to enable logon using FIDO authentication when the PC is offline.
FIDO authentication is basically performed by the YubiOn server in the cloud. However, there are times when communication with the YubiOn server is not possible, such as when the PC is temporarily offline. If Cache Logon setting is enabled, authentication information will be cached and used for authentication, thus maintaining the security even when the device is offline.
Operation Procedure
Select Authentication Service > Group Policy from the menu.
- Click the policy you want to configure from the group policy list.
- Click the “Cache Logon” setting icon in the Logon item of the Two-Factor Authentication Settings to change the setting.
- Enter the number of days of validity if you set it to be Enable.
- Click the “Update” button.
- Click “OK” on the confirmation message.
Set value
- Disable
When FIDO authentication is performed on a PC, it communicates with the YubiOn server online to perform authentication.
When this setting is used, the user cannot log on when the PC is offline. - Enable
Setting unit: days (1 - 30 days)
Allows you to save the cache information in your PC when you authenticate online with YubiOn server.
The cache information will be saved in the device when the user authenticates online with the YubiOn server, allowing the user to log on even when the PC is offline for the specified number of days.
If the number of days specified in the settings has passed, you will need to authenticate by communicating with the YubiOn server online again.
However, if you authenticate online before the specified number of days has elapsed, the number of days elapsed will be counted from that day again.This setting only affects logon using FIDO authentication. It does not affect password-only logon methods.