Managing your IBM Verify authenticators

Authentication factors are used for two-step verification. Two-step verification protects you and your account by using a second authentication method to verify your identity when you access your account on your computer or device.

Before you begin

If you want to use the IBM Verify mobile app as an authenticator, you can download it from the app store and install it on your mobile device. Go to either the Apple App Store or Google Play.
Note: Your tenant administrator sets the authentication factors that are available for you to use.

About this task

If your application or Verify security policies require 2FA provided by IBM® Security Verify, then you must register one or more instances of the IBM Security Verify mobile authenticator app so that IBM Security Verify appears as a 2FA option during runtime access authentication.

You can perform the following tasks:
  • Add an authenticator.
  • View the authenticator details.
Note: If your account requires a minimum number of enrollments, the enrollments must be unique. For example, if you use the same phone number for text messages and phone calls, it is only one enrollment. If you use your cell phone number for text messages and your office phone number for phone calls, then they are two enrollments.

Procedure

  1. Log in to your Verify account.
  2. From your profile menu, click Profile & settings.
  3. From your Profile page, click Security.
  4. Perform second factor authentication.
    1. Select the method to receive your one-time password.
      Tip: Initially, when no authentication factors are set up, a passcode is sent to your email address that is associated with your Verify account.
    2. Enter the passcode and click Submit.
  5. To register a method or to change an existing method, click Add new method and choose the method that you want to use for multi-factor authentication.
    • To add the IBM Security Verify app, go to Step 6.
    • To add an Authentication app, go to Step 7.
    • To set up a passkey that uses your built-in authentication methods, go to Step 8.
    • To set up a passkey that uses and external security key, go to Step 9
    • To set up text messaging, go to Step 10.
    • To set up and email account, go to Step 11.
    • To set up a phone call, go to Step 12.
  6. To add the IBM Security Verify app, click Add device.
    1. If you didn't previously download the app, follow the instructions to download it from the App store or Google Play.
    2. Click Next: Connect your account.
    3. Open the Verify app on your mobile device, tap Connect an account.
    4. On the Allow connection to screen, tap Approve.
    5. If you enabled biometrics on your mobile device and want to use them for the app authentication, tap Use bometrics or the equivalent on your device, otherwise tap Not now.
    6. Tap Done.
    7. In Verify, click Done.
      If you did not previously add an Authenticator app, Security Verify is also added as your Authenticator app. When you are prompted for a second authentication factor, you have two choices.
      • You can select IBM Verify App and touch the push notification on your mobile device.
      • You can select Authenticator app and enter the passcode that is generated.
      Note: If you choose to use the passcode, enter it as six numbers without any spaces. Although the passcode might appear as 123 456, it must be entered as 123456.
  7. To add an Authenticator app, click Setup.
    You can have one Authenticator app only. If Security Verify is also listed as your authenticator app and you want to use another app, you must first remove Security Verify as the authenticator app. Click the more options menu icon 3 vertical dots and select Remove authenticator.
    1. Provide a name for your authenticator app and download the app.
      If you didn't previously download the app, follow the instructions to download it from the App store or Google Play.
    2. Click Next: Connect your authenticator.
    3. On your authenticator app, tap Add account.
    4. Select an account type.
    5. Tap Finish if necessary.
    6. On your Verify account, click Next:Test your authenticator.
    7. Enter the one-time passcode from your authenticator.
      Tip: The passcode is six consecutive numbers. Although the passcode might appear as 123 456, it must be entered as 123456.
    8. Click Done.
      When you are prompted for a second authentication factor, you can select Authenticator app and enter the passcode that is generated by the authenticator app on your mobile device.
  8. To set up a passkey that uses your built-in authentication methods, do the following steps.
    1. Click Add new method > Next: Add passkey.
    2. Select an authentication method and follow the prompts.
    3. Select OK to save your passkey.
    4. If prompted, click Allow.
    5. Type a friendly name to identify your passkey and click Done.
  9. To set up a passkey that uses an external security key, do the following steps.
    1. Click Add new method > Next: Add passkey.
    2. Select Security key and click Next.
    3. Click OK > OK.
    4. Insert your security key, enter a security key PIN (password), and click OK.
    5. Touch your security key and click OK to save your passkey.
    6. If prompted, click Allow.
    7. Type a friendly name to identify your passkey and then click Done.
  10. To set up text messaging, do the following steps.
    1. Click New number.
    2. Ensure that the correct country code is selected.
    3. Enter your mobile phone number and area code without any spaces.
      For example, enter (123) 456-7890 as 1234567890.
    4. Click Send access code.
    5. Enter the access code that you received on your mobile device.
    6. Click Verify > Done.
  11. To set up an email account for authentication, do the following steps.
    1. Click New email.
    2. Enter the email address in the correct format.
      For example, johndoe@myco.com. Include the at symbol '@' and period '.' in the address.
    3. Click Send access code.
    4. Enter the access code that you received in the email.
    5. Click Verify > Done.
  12. To set up a phone call for authentication, do the following steps.
    1. Click New number.
    2. Ensure that the correct country code is selected.
    3. Enter your mobile phone number and area code without any spaces.
      For example, enter (123) 456-7890 as 1234567890.
    4. Click Call me.
    5. Enter the access code that you received verbally on your phone.
    6. Click Verify > Done.

Removing an authentication method

If you no longer want to use an authentication method, you can remove it from your device.

About this task

Note: If your account requires a minimum number of enrollments and this removal results in fewer than the minimum amount,
  • If you are within the grace period, after the removal you might see notifications about the required number of enrollments.
  • If you are not within the grace period, after the removal you must complete the required number of enrollments the next time you authenticate.
To remove a device or method, do the following steps.

Procedure

  1. Hover over the authenticator and click the more options menu icon 3 vertical dots when it appears.
  2. Click Remove authenticator and click Confirm.

Testing an authentication method

You can use this procedure to verify that an authentication method works correctly.

About this task

To test the operation of an authenticator, do the following steps.

Procedure

  1. Hover over the authenticator and click the more options menu icon 3 vertical dots when it appears.
  2. Click Test Device and follow the instructions.
    A push notification or code is delivered to your IBM Security Verify authenticator. Respond to the notification as directed.