Skip to main content

SecureAuth Passcode app for Mac

Updated December 21, 2022

SecureAuth Passcode for Mac is a desktop application that generates one-time passcodes (OTPs) to use for validation during the login process.

Use this guide to install and provision the SecureAuth Passcode for Mac App to use in multi-factor authentication on a macOS desktop.

Note

Passcode app version 19.14 or later supports the ability to register the Passcode app on more than one macOS computer. This applies to Identity Platform OATH Token enrollments.

It requires an Identity Platform hotfix update to releases 19.07.01 or later.

For a summary of release information, see Passcode for Mac release notes.

Prerequisites

Before you set up Passcode for Mac, review the following prerequisites.

Workstation requirements

The following are minimum workstation requirements for end users.

  • Supported on macOS 10.9 or later

Before you begin

  • Download and install the SecureAuth Passcode for Mac app from the App Store

  • Configure the OATH Provisioning Realm / App Enrollment Realm in the SecureAuth Identity Platform for end users to enroll devices for passcodes by following steps in Multi-Factor App Enrollment (URL) realm configuration

  • Configure Identity Platform realms in which OATH OTPs or Time-based Passcodes are used for multi-factor authentication

Connect an account to your user profile

  1. Start the Passcode client application.

    passcode_app_win_006.png

  2. If this is a fresh install, then the Add Account screen appears.

    passcode_app_win_007.png

  3. Enter the URL of the Identity Platform Multi-Factor Authentication URL enrollment / OATH provisioning application.

    If the default URL realm SecureAuth998 is used, then you only need to enter the Fully Qualified Domain Name. For example, secureauth.company.com

    If a different realm is used for Multi-Factor Authentication app enrollment, then the entire URL address that includes the realm name is required. For example, https://secureauth.company.com/secureauth2

  4. Click Start.

  5. Follow configured login workflow, which might include multi-factor authentication to connect a Passcode account to your user profile.

    In the following example, this is the Username + Password workflow option.

    passcode_app_win_008.png

  6. If required in the app enrollment realm configuration, create your PIN and click Enter.

    passcode_app_win_009.png
    PIN value restrictions

    • Cannot have consecutive and repeating digits. For example, 33333333 or 1111

    • Cannot have forward or backward sequential numbers. For example, 123456 or 87654321

    PIN rules

    • If you've upgraded to a newer version of the Passcode app, it will prompt you to create a PIN and reconnect to your profile if the realm requires a PIN.

    • An account on the app must be re-enrolled for multi-factor authentication if the connected realm now requires a PIN entry.

    • If accounts on the app use different PIN lengths, then it enforces the highest security setting (maximum 10 digits) for use on the app. To apply the highest security setting to all accounts, you must reenroll accounts that are not using the highest security setting.

    • If multiple accounts exist on the app, you must create a PIN whenever you:

      • Add an account that requires a higher security setting, or

      • Delete the account that used the highest security setting

  7. Confirm the PIN, and click Enter again.

    The OTP panel appears with the current one-time passcode (OTP) that you can use for multi-factor authentication (MFA).

Using Passcode for Mac

  1. Start the app on your desktop.

  2. If prompted, enter your PIN.

  3. The Passcode app home page displays, showing a passcode 6 to 8 digits in length for each account on the app.

    The blue bar beneath the passcode indicates how much time remains to use the passcode for login, as configured by your administrator.

    The bar turns red when 10 seconds remain to use the current passcode. When the time has elapsed, a new passcode appears.

  4. Click Copy to copy the passcode to the clipboard for easy pasting on the login page.

    passcode_app_win_010.png

Passcode app toolbar

Learn more about the Passcode app functions.

passcode_app_win_010.png
passcode_app_win_012.png

Home

The home page appears with the current passcode for each account on a connected domain.

passcode_app_win_013.png

Add Account

Use this option to add another account.

passcode_app_win_014.png

Edit Accounts

Use this option to manage your accounts. For example you can rename, reenroll, reorder and delete your account.

passcode_app_win_015.png

Change PIN

Use this option to change your registered PIN.

Passcode app account management

Clicking the pencil icon puts the app in edit mode, providing functions described below.

passcode_app_win_018.png

Click the icon on the account tile to enable the function described to the right:

passcode_app_win_019.png

Rename

Click this icon next to a connected account name to rename it.

passcode_app_win_021.png

Re-enroll

Use this option to clear account connection data and restart the account connection process.

passcode_app_win_022.png

Reorder

Click and hold to drag and drop the account up or down the list.

passcode_app_win_020.png

Delete

Use this option to remove a connected account from the Passcode app.

End user login experience

  1. Log in to the application you want to access and proceed through the configured login workflow.

  2. From the list delivery methods, select the Time-based Passcode option.

  3. Click Submit.

    passcode_app_win_037.png

  4. Start the Passcode app.

  5. If a PIN is required to unlock the app, enter your PIN and click Enter.

    passcode_app_win_025.png

  6. On the Passcode home page, click Copy on the account tile to copy the passcode.

    passcode_app_win_010.png

  7. Paste the passcode in the Passcode box on the login page.

  8. Click Submit to access to the realm.

    passcode_app_win_038.png
In this section: