Push OTP on macOS
Support for the push OTP feature depends on the configuration of your SafeNet MobilePASS+ token.
Push OTP simplifies the process of accessing a protected resource, such as a webpage, cloud, or VPN. A push notification is sent from the login page to your mobile device or computer.
After you have approved the login request with a tap of a button, and entered a PIN (if required according to your tokens’ settings), a passcode is generated by your SafeNet MobilePASS+ app and sent to the login page, logging you in automatically. This eliminates the need to generate a one-time passcode (OTP) on your mobile device or to enter it into the login page.
Enable or disable notifications
-
Select System Preferences > Notifications.
-
Select MobilePASS+ and then configure the notification options.
Log in with push OTP
The following procedure uses Microsoft 365 as an example of a resource that you want to access. The login steps may vary for other resources.
-
Open the login page of the resource and then enter your organization username and password.
You are redirected to your organization’s login page.
-
Enter your login credentials and then select Sign in.
-
Select Use my mobile to autosend a password and then select Submit.
The system sends a notification of the login request to your mobile device.
-
When the login request displays on your mobile device, select the notification.
The login request window opens and displays information about the application that sent the request, including the location in the map, the name of the token in SafeNet MobilePASS+, and the time elapsed since the request was received.
-
To approve the login request, select Approve.
If the login request is unfamiliar and not expected, select Deny, and then select Yes, Report. This sends a notification of the unauthorized login attempt to your organization’s authentication management system.
-
If the SafeNet MobilePASS+ app receives more than one push authentication, use the left and right < > arrows to navigate to the required push authentication.
-
If the token is PIN-protected, enter the PIN and then select Submit.
-
If your organization supports biometric PINs and you are using a Touch ID compatible device, the Touch ID window displays. You can use your Touch ID to authenticate. SafeNet MobilePASS+ sends a passcode to the login page.
-
A confirmation message displays on the SafeNet MobilePASS+ app screen.
You are logged in to the resource.
Approve a login request when SafeNet MobilePASS+ is not running or is in the background
-
When the login request displays on your screen, select the notification and then select Options.
-
Select Approve.
If the login request is unfamiliar and not expected, select Deny, and then select Yes, Report. This sends a notification of the unauthorized login attempt to your organization’s authentication management system.
The Enhanced Approval Workflow is not available where PIN tokens have not been configured to support it.
Approve login requests with number matching
For additional security, your administrator can configure the push login request to use number matching instead of the Approve and Deny buttons. With number matching, the login screen displays a number, and you tap the matching number on the push notification.
The login request includes information about the application that sent the request, such as the location in the map, the name of the token in SafeNet MobilePASS+, and the time elapsed since the request was received.