Generate passcodes on iOS

Your SafeNet MobilePASS+ authenticators can be configured by your system administrator to generate passcodes using one of the following methods:

• Time-based: When you unlock a time-based authenticator, the OTP displays and a countdown icon shows a countdown until next refresh. As long as the authenticator is unlocked, the OTP refreshes automatically.

• Event-based: When you unlock an event-based authenticator, either a greyed-out icon (meaning the OTP cannot be refreshed) or a refresh icon (that must be tapped to refresh the OTP) displays.

• Challenge-Response: When you unlock a challenge-response authenticator, you are prompted to enter a challenge code before the OTP displays. When the authenticator is unlocked, select the refresh icon and enter a challenge to generate another OTP.

Your SafeNet MobilePASS+ app can contain multiple SafeNet MobilePASS+ authenticators, configured with different passcode generation methods.

Note

The number of pending login requests is displayed at the bottom of the app screen.

Sending the app to the background or exiting the app will lock all of the authenticators.

Generate a passcode with time-based authenticators

If you are using a time-based authenticator, the passcode is generated automatically after the specified time interval has elapsed. When a new passcode is generated, the previous passcode is no longer valid.

1. Open the SafeNet MobilePASS+ app.

2. If there is more than one authenticator, select the required authenticator.

3. If your authenticator is PIN-protected, enter the PIN, or if available, use Touch ID/Face ID.

   The passcode displays.

   

4. Select the passcode to copy it to the clipboard.

   

   Note

   As a security best practice Thales Group recommends that users do not use the copy and paste function for the OTP or enrollment strings because the clipboard is shared among all applications running on a device.

   A new passcode displays at the end of the specified time-interval.

Generate a passcode with event-based authenticators

Event-based authenticators are so-called because they require an event to generate the passcode. In SafeNet MobilePASS+, the event is the instant that you select the refresh button. The passcode is valid until another passcode is generated.

1. Open the SafeNet MobilePASS+ app.

2. If there is more than one authenticator, select the required authenticator.

3. If your authenticator is PIN-protected, enter the PIN, or if available, use Touch ID/Face ID.

   The passcode displays.

   

4. Select the passcode to copy it to the clipboard.

   

   Note

   As a security best practice Thales Group recommends that users do not use the copy and paste function for the OTP or enrollment strings because the clipboard is shared among all applications running on a device.

5. To generate a new passcode, select the refresh icon .

Generate a passcode with challenge-response authenticators

To generate a passcode on a challenge-response authenticator, you must first receive the challenge code. To receive the challenge code, follow the procedure used in your organization.

1. Open the SafeNet MobilePASS+ app.

2. If there is more than one authenticator, select the required authenticator.

3. Enter the provided challenge code.

   

4. Select OK. The passcode displays.

5. To generate another passcode, select Enter Challenge, and then repeat the process.