Setting up Two-Factor Authentication - Microsoft Authenticator

Microsoft Authenticator is a software-based authentication token developed by Microsoft. It generates a six-digit code that users should enter as the second factor of authentication. To use it, you need to install the Microsoft Authenticator app on your smart phone or tablet devices. Unlike waiting for a few seconds to receive a text message for authentication, the app generates a new six-digit code every 30 seconds.

Caution

Enable Microsoft Authenticator as the TFA and enforce it to the PAM360 users prior configuring it from the Microsoft interface. Refer here for detailed instructions.

Connecting to the PAM360 Web Interface with Microsoft Authenticator as TFA

The users for whom TFA is enabled will have to authenticate twice successively. The first level of authentication will be through the usual authentication, i.e., the users have to authenticate through PAM360's local authentication or Active Directory/LDAP authentication, whichever is enabled.

Perform the following steps to connect to the PAM360 web interface after enabling Microsoft Authenticator as TFA:

  1. On the PAM360 login page, proceed with the first level of authentication and click Login.
  2. Associating Microsoft Authenticator with your PAM360 account: When you are logging in for the first time after enabling TFA through Microsoft Authenticator, you will be prompted to associate it with your account in PAM360. After launching the Microsoft Authenticator app in your mobile device or tablet,
    1. Tap the + button or the QR code scanner icon. Then, select Other (Google, Facebook, etc.).
      microsoft_auth1microsoft_auth2
    2. Here, you can either scan the QR code displayed in your PAM360 website by scanning the QR code shown in the GUI, or enter code manually.
      Setting up TFA - Microsoft Authenticator
    3. If you choose to enter the code manually, the GUI will prompt you to enter an account name and a security key.
    4. Supply an Account name for your PAM360 account in the format — PAM360:account name (for example. PAM360:john@abc.com).
      Microsoft_Authenticator1Microsoft_Authenticator2
    5. Provide an alphanumeric string as your Secret key, and then click Finish.
    6. Microsoft Authenticator will now start generating codes periodically, that changes every 30 seconds.
    7. You can enter this code in the text box provided on the PAM360 login page for the second level of authentication.

Additional Detail

If you lost your TFA registered device or deleted the Microsoft Authenticator application, reset the TFA using the applicable method mentioned here.




Top