Overview
Please Note: Mac computers cannot currently use hardware (Yubikey) or software (Authenticator) passkeys to log in to the Cisco Secure Client.
Requirements
- item 1
- item 2
- item 3
Instructions
Step 1
Open the Cisco Secure Client and choose the appropriate VPN group.
Step 2
If Windows Hello Prompt appears (as pictured below), select Use a different passkey. Otherwise, select Sign-in Options, then select Face, fingerprint, PIN, or security key.
image
Step 3
The windows below should appear. Select Choose a different passkey.
image
Step 4
Select iPhone, iPad or Android Device.
image
Step 5
A QR Code is displayed on the screen.
image
Step 6
From your Mobile Device: Open MS Auth App, choose the correct Account -> Passkey and the screen below should appear:
image
Step 7
Tap the QR Code Icon in bottom right (as circled in the image above).
image
Step 8
Point your camera at the QR Code on the screen, and it should detect the QR Code quickly.
Now you see this on your computer screen:
image
Step 9
On your Mobile Device:
- Click "Continue" on your device.
- Prompt should appear "Do you want to allow Sign-in?" Click Yes (this is the actual sign in occurring. This also requires that you be in Bluetooth Range and have Bluetooth Enabled on your mobile device and computer. If you do not have Bluetooth functionality, you will need to instead use a Yubikey or UN+PW+MS Authenticator TOTP codes for Authentication.)
- You have now successfully logged in using your Passkey.
Step 10
Once the above steps are completed, you now have a Passkey setup on your mobile device and linked to your account. You may use this method to authenticate to other resources as well. Passkeys are device-bound and provide valuable protection against token theft and replay attacks, since the token cannot be used on a different device.