Configuring Remembered Devices in VIP Manager
If you want to combine VIP Remembered Device authentication with VIP IA, you must enable VIP Remembered Devices within the applicable policy in VIP Manager.
- To configure Remembered Devices in VIP Manager:
- Sign in to your account in VIP Manager.
- SelectPoliciesin the navigation bar at the top of the page.
- In theAccounttab, select theEditlink.
- In the Remembered Devices policy section, enable the type of credentials that your organization supports;Device Fingerprint,Trusted Device, or both.
- Configure your policy settings:
- If you enable Device Fingerprint, also configure the following settings:
- Set the maximum number of days before the device fingerprint expires. Enter from 1 day to 730 days. The device fingerprint expires after this time period, even if the user has successfully authenticated before the authentication expiration threshold.
- Set the number of days before the device fingerprint expires if users do not use their device to successfully authenticate themselves. Enter from 1 day to 365 days.Successful authentication only resets the counter of days to the next successful authentication. Device fingerprints always expire after the number of days configured in theExpire afterfield.
- If you enable Trusted Device, also select whether to automatically upgrade Trusted Devices to the latest version. If you enableAuto-upgrade Trusted Device, users on supported platforms automatically receive the latest versions of Trusted Device.
- Enter the maximum number of devices that each user can register as Remembered Devices. You can enter from 1 to 20.
- Select how devices are deleted if a user attempts to register more than the maximum allowed number of Remembered Devices:
- SelectAutoto automatically delete the least recently used Remembered Device when the user registers another device. Users and administrators can manually delete Remembered Devices at any time.
- SelectAdmin Onlyto require the administrator to delete a Remembered Device. The user cannot be able to delete any Remembered Devices without administrator intervention.
- ClickSave.
If you want to provide VIP Remembered Devices for users without VIP IA, see the
VIP Remembered Device Integration Guide
.Next Step:
- If VIP IA considers their sign-in events risky, you can use the Self Service Portal IDP to deliver out-of-band security codes to your users. Enable out-of-band authentication by configuring the Self Service Portal IDP.
- To integrate VIP JavaScript with an externally accessible web application, configure the VIP integration code for JavaScript.