BlackBerry UEMsupports the use of One-Time Password (OTP) tokens through
BlackBerry 2FAservice. The OTP tokens feature provides a secure authentication scheme for users who do not have a mobile device or have a mobile device that does not have sufficient connectivity to support the real-time
BlackBerry 2FAdevice notifications. When using an OTP instead of a device notification as the second factor of authentication, the OTP is provided in the same channel as the user’s password, and their mobile device is not signaled.
You can enter the OTP code with the username or the password.
- When using an OTP code with the username, after the username, you type a comma (,) then the OTP code with no spaces between them. For example, if the username is "janedoe" and code is "555123", it should be entered as “janedoe,555123”. Using this method, users can easily verify the code that they entered.
- When using an OTP code with the password, the code precedes the user's password. For example, if the code is "555123" and the password is "AbCdeF", it should be entered as "555123AbCdeF".
You enable software OTP tokens for users in the
BlackBerry 2FAprofile that you assign to them. The software token can be found in the
BlackBerry UEM Clientapp by swiping through its home screen.
To manage hardware OTP tokens in
BlackBerry UEM, the user must have a
BlackBerry 2FAprofile assigned to them.
For more information about the latest supported hardware tokens, see the
BlackBerry 2FAserver compatibility matrix.