Updated on 2024-06-12 GMT+08:00

USB Key Management

USB keys can only be issued to user accounts with USB key authentication enabled in multifactor verification.

Before using a USB key for second authentication, prepare USB keys and install the USB key driver on the local computer. A USB key from a vendor cannot be identified by other vendors for login authentication. So, the vendor must be specified for each USB key. For details, see Configuring USB Keys.

Prerequisites

  • You have obtained a USB key.
  • You have the management permissions for the User module.
  • You have the management permissions for the USBKey module.

Procedure

One USB key can be issued to one user only.

  1. Log in to the CBH system.
  2. Choose User > USBKey in the navigation pane.
  3. Click Issue to issue a USB key.
  4. Select a user with the USB key multifactor verification enabled as the related user.

    Table 1 Parameters for issuing a USB key

    Parameter

    Description

    USBKey

    Specifies the USB key ID.

    Relate User

    Specifies the user to which the USB key is related. USB key in multifactor verification must be enabled for such users.

    PIN

    Specifies the personal identification number (PIN) uniquely corresponding to the USB key. It is provided by the USB key vendor.

  5. Click OK. You can then view the newly issued USB key in the USB key list.

    When you log in to the CBH system as a related user, insert the issued USB key to the local host. The CBH system automatically identifies the USB key. On the displayed page, select the corresponding USB key and enter the PIN number to complete the authentication.

Revoking a USB Key

  1. Log in to the CBH system.
  2. Choose User > USBKey in the navigation pane.
  3. In the Operation column of the row containing the USB key to be revoked, click Revoke.
  4. To revoke multiple USB keys at a time, select the ones you want and click Revoke at the bottom of the USB key list to revoke the selected USB keys together.