Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

SafeNet FIDO Key Manager for Windows

Device management

search

Device management

This section describes reset, unblock, token information, and unlock functions supported by SafeNet FIDO Key Manager.

Connect FIDO/PKI devices

  1. Connect one or more FIDO, PKI, or Fusion (FIDO + PKI) devices to the Windows desktop USB port or card reader.

  2. Open SafeNet FIDO Key Manager.

    When the device is detected, the information and management options are visible on the screen for the user. If the device contains admin capabilities then those are visible on the top right corner under the Admin drop-down.

    alt_text

    If multiple devices are connected, a list of the devices along with the modes (PKI or FIDO) is displayed.

    Note

    A maximum number of PKI or Fusion (FIDO + PKI) devices that can be connected is 8.

    alt_text

    When you add or remove a device, the list is automatically updated.

  3. Select a device to manage.

  4. Select the back arrow (<-) to return to the device list.

View device information

To view the information of a device:

  1. Connect a FIDO, PKI, or Fusion (FIDO + PKI) devices to the desktop PC.

  2. Open SafeNet FIDO Key Manager.

  3. Select the required mode (FIDO or PKI).

    The device information is displayed , which varies according to the type of device.

    alt_text

  4. Select the back arrow (<-) to return to the device list.

Reset a FIDO device

This feature is used to reset PIN and all settings on the FIDO device. After the reset, your FIDO device will be considered as a new FIDO device and needs to be re-registered across all accounts.

To reset a FIDO key:

  1. Connect a FIDO or Fusion (FIDO + PKI) device to the tablet or desktop PC.

  2. Open SafeNet FIDO Key Manager and select the FIDO Mode.

  3. Select the Reset FIDO Key option.

    alt_text

  4. Select the check box if you want to reset to the factory settings. This will reset the admin PIN as well as PIN policy.

  5. Select Yes, reset FIDO key.

    alt_text

  6. Remove and re-connect the FIDO device.

    alt_text

  7. Click Confirm Reset.

    alt_text

Manage FIDO key resets

You can enable or disable the Reset FIDO Key option.

This operation is available only for FIDO 2.1 or later devices.

Enable FIDO key reset

To enable the Reset FIDO Key option:

  1. Connect a FIDO or Fusion (FIDO + PKI) device to the tablet or desktop PC.

  2. Open SafeNet FIDO Key Manager and select the FIDO mode.

  3. Select Admin > Manage reset.

    alt_text

  4. Enter the admin PIN and then, click Submit.

    alt_text

    Note

    This step displays only if you are entering the admin PIN for the first time. After the admin PIN is authenticated, this step is skipped for the rest of the session.

  5. Select Disable Reset.

    alt_text

Disable FIDO key reset

To disable the Reset FIDO Key option:

  1. Connect a FIDO or Fusion (FIDO + PKI) device to the tablet or desktop PC.

  2. Open SafeNet FIDO Key Manager and select the FIDO mode.

  3. Select Manage reset in the Admin menu.

    alt_text

  4. Enter the admin PIN and click Submit.

    alt_text

    Note

    This step displays only if you are entering the admin PIN for the first time. After the admin PIN is authenticated, this step is skipped for the rest of the session.

  5. Select Enable Reset.

    alt_text

Unblock FIDO device

You can unblock a FIDO device if it has been locked due to multiple incorrect PIN attempts.

The user can unlock a FIDO device by generating a challenge and sharing it to the admin. Thereafter, the admin selects the unblock's users FIDO key option and generates a response after providing admin PIN and sharing the response back to the user. Then, the user enters that response and unlocks the key.

Alternatively, admins can directly use the "I am an Admin" option to unblock the device.

This feature is available only for FIDO 2.1 and later devices.

Unblock a user key remotely

To unblock a user's FIDO device:

  1. Open SafeNet FIDO Key Manager and select the FIDO mode in a FIDO or Fusion (FIDO + PKI) device.

  2. Select Unblock FIDO Key.

    alt_text

  3. click Generate code.

    alt_text

    A challenge code is generated on the user side.
    The user must share this code with the administrator.

  4. Receive the response code from the user.

  5. Enter the response code from the user and then click Submit.

    alt_text

  6. Enter a new PIN, confirm the PIN, and then click Submit.

    alt_text

Unblock FIDO device used by admin

To unblock an administrator's FIDO device:

  1. Connect a FIDO or Fusion (FIDO + PKI) device to the tablet or desktop PC.

  2. Open SafeNet FIDO Key Manager and select the FIDO mode.

  3. Select Unblock FIDO Key.

    alt_text

  4. Select I am an Admin.

    alt_text

    An administrator authentication screen displays.

  5. Enter the admin PIN, and then click Submit.

    Upon successful unblocking of the PIN, you are redirected to the PIN change interface.

  6. Enter the new PIN, confirm, and then click Submit.

    alt_text

Unblock a user key from the Admin menu

You do not have to insert the user's key into the SafeNet FIDO Key Manager application.

Note

You can access this feature from the landing page, the device selection page, and the device info page. It is always enabled regardless of the device type and connectivity.

To unblock a user’s FIDO device:

  1. Open SafeNet FIDO Key Manager and select the FIDO mode in a FIDO or Fusion (FIDO + PKI) device.

  2. Select Admin > Unblock a user’s FIDO key.

    alt_text

  3. Enter the challenge code shared by the user and the admin PIN, and then, click Submit.

    alt_text

    On success, the system generates the response code.

  4. Copy the response code and share with the user to unblock their FIDO Key.

  5. Click Finish.

    alt_text

On this page