This section describes the procedure for logging on to a PC using a smartphone.
Prerequisites
Authentication while offline
When logging on with a smartphone, authentication cannot be performed offline because the Internet is used for communication between the smartphone and the PC.
Start your PC and display the logon screen.
Make sure “YubiOn® FIDO Logon” is displayed on the screen.
If you don’t see “YubiOn® FIDO Logon”, click “Sign In Options” and then click the YubiOn icon.
There are two ways to log on using a smartphone.
*Smartphone logon by reading QR codes
As with registration, a QR code is scanned with a smartphone to connect to the terminal PC for authentication.
*Smartphone logon by notification
Based on the information on the past connection by QR code reading, a notification is sent to the smartphone to connect to the terminal PC and perform authentication.
Smartphone logon by notification requires that the smartphone supports this mechanism.
Currently, only smartphones running the Android OS are supported.
YubiOn FIDO Logon has multiple authentication methods, and depending on the usage situation, an authentication screen other than the authentication method you wish to use may appear.
In this case, click “Logon with another type of device” and select the appropriate logon method on the authentication information selection screen that appears.
Select “Logon with smartphone” if you wish to log on with a smartphone by reading a QR code, or “Logon with “(Device name)”” if you wish to log on with a smartphone by notification.
Launch an application that can read QR codes on the smartphone used for registration and read the QR code on the screen.
Enter your Windows password.
The Windows password you enter will be securely stored and will not need to be entered again.
If you change the Windows password, you will need to enter it again.
About Password Cache Regeneration
The password cache is stored using the most appropriate encryption method based on the information obtained during FIDO authentication.
Basically, a password cache is generated and used for each authentication information. However, the password cache may need to be regenerated due to differences or changes in authentication methods, such as the following
- Change of Windows password
- Differences in devices used for smartphone authentication
- Differences in authentication routes (direct logon, remote desktop logon)
- OS and software updates of PCs and smartphones
If you need to regenerate the password cache, you will be asked to enter your Windows password again at the time of logon, so please follow the instructions on the screen to enter the password.
Click “Start authentication”. A notification will be sent to your smartphone. Tap the notification and follow the on-screen instructions on your smartphone.
Enter your Windows password.
The Windows password you enter will be securely stored and will not need to be entered again.
If you change the Windows password, you will need to enter it again.
About Password Cache Regeneration
The password cache is stored using the most appropriate encryption method based on the information obtained during FIDO authentication.
Basically, a password cache is generated and used for each authentication information. However, the password cache may need to be regenerated due to differences or changes in authentication methods, such as the following
- Change of Windows password
- Differences in devices used for smartphone authentication
- Differences in authentication routes (direct logon, remote desktop logon)
- OS and software updates of PCs and smartphones
If you need to regenerate the password cache, you will be asked to enter your Windows password again at the time of logon, so please follow the instructions on the screen to enter the password.