When computer is online, technicians can access customer workstations with a variety of methods, including scanning a QR-code or triggering a push notification. And when the computer is offline, technicians can use one-time code to access the workstation.
This one-time code is unique, it is associated with a shared or named admin account, and it is based on TOTP protocol that changes the code every 30 seconds. The code can be retrieved from a mobile device, and it is available for each workstation.
Offline access multi-factor?
Logging in with one-time code is still considered secure and multi-factor. As a technician you still need to have your mobile device, and you still need to unlock the idemeum application with your biometrics before you can access and retrive the one-time code.
What is more, access to one-time codes is captured in the audit logs.
firstname.lastname@example.org accessed offline code for Desktop machine W11-L-PASSWORD.
How to login with one time code
- When the computer is offline, idemeum credential provider will automatically switch to offline mode. Instead of displaying the QR-code for elevated access, it will show the username and offline secret fields.
- To retrieve your username and offline code for this workstation:
- Open your idemeum mobile application
- Search for the workstation name that you need to log into
- Click on
- And you will be presented with the username to use and your offline code, which changes every 30 seconds