Biometric Authenticator

Tags Okta MFA

Overview

A biometric authenticator uses your existing device to verify your identity with biometric traits such as fingerprints or facial features. Touch ID, Face ID, or Windows Hello can be leveraged as a biometric authenticator which uses the WebAuthn standard.

Technology Services only recommends using a biometric authenticator as a supplemental security method since support for WebAuthn is not universal across all browsers. Further, every web browser that you would like to use to log in will require separate enrollment. A biometric authenticator configured in one browser will not allow you to verify your login when using a different device or browser to log in. 

Technology Services recommends setting up Okta Verify or Google Authenticator as your primary security method. 

How to get a biometric authenticator

In order to set up a biometric authenticator for MFA, you will need a device with a biometric sensor and a browser that supports WebAuthn. If you have a compatible configuration, follow the instructions below to set it up for your Puget Sound account.

How to set up a biometric authenticator

The exact steps to set up a biometric authenticator will vary depending on what device, operating system, and browser you are using. 

Note: Windows Hello on university-managed devices is not currently supported. 

General instructions

  1. Log in to your Puget Sound account at login.pugetsound.edu.
  2. Click your name in the upper-right corner then click Settings
  3. In the Security Methods section, click Set up or Set up another next to the Security Key or Biometric Authenticator security method.
  4. If prompted, re-authenticate to proceed. 
  5. Click Set up or Set up another under the Security Key or Biometric Authenticator option. 
  6. Click Set up on the next screen.
  7. Follow the on-screen prompts from your browser to complete the setup.
    • This generally involves allowing your browser to use Touch ID, Face ID, Windows Hello, or similar biometric login with login.pugetsound.edu. 

Step-by-step example

Set up Touch ID in Chrome on MacOS (click to expand section)

Set up Touch ID in Chrome

The instructions below are only an example. The exact steps will vary depending on your device, operating system, and browser. The following example is using Touch ID on MacOS Sequoia in the Chrome browser. 

If you are prompted to set up MFA when logging in, skip to step #5. 

  1. Log in to your Puget Sound account at login.pugetsound.edu.
  2. Click your name in the upper-right corner then click Settings
    okta account settings menu
  3. In the Security Methods section, click Set up or Set up another next to the Security Key or Biometric Authenticator security method.
    secuirty methods set up security key or biometric authenticator
  4. If prompted, re-authenticate to proceed. 
  5. Click Set up or Set up another under the Security Key or Biometric Authenticator option. 
    set up security key or biometric authenticator
  6. Click Set up on the next screen.
    set up security key or biometric authentication
  7. A dialog box will appear to create a passkey. Click Continue.
    create a passkey for login.pugetsound.edu in chrome
  8. Place your finger on the fingerprint reader on your computer.
    Google Chrome is trying to verify your identity. Touch ID to allow this.
  9. You have finished setting up a biometric authenticator in this browser! 
  10. Once you successful set up this method, it can only be used on the same browser/device to verify your login. Therefore, we strongly recommend setting up another security method such as Okta Verify or Google Authenticator.

How to use a biometric authenticator to log in

The exact steps to log in using a biometric authenticator will vary depending on what device, operating system, and browser you are using. 

General instructions

  1. In a browser, go to login.pugetsound.edu.
  2. Type in your Puget Sound username and password then click Sign in.
  3. Select Security Key or Biometric Authenticator.
    • Note: If Security Key or Biometric Authenticator is not presented as an option, select Verify with something else
  4. Follow the on-screen prompts from your browser to verify the login.
    • This generally involves placing your finger on the fingerprint reader or displaying your face to the camera.

Step-by-step example

Use Touch ID in Chrome on MacOS (click to expand section)

Use Touch ID in Chrome

The instructions below are only an example. The exact steps will vary depending on your device, operating system, and browser. The following example is using Touch ID on MacOS Sequoia in the Chrome browser. 

  1. In a browser, go to login.pugetsound.edu.
  2. Type in your Puget Sound username and password then click Sign in.
  3. Select Security Key or Biometric Authenticator.
    • Note: If Security Key or Biometric Authenticator is not presented as an option, select Verify with something else
      select security key or biometric as security method
  4. Place your finger on the fingerprint reader on your computer.
    Google Chrome is trying to verify your identity. Touch ID to allow this.
Print Article

Related Articles (3)

Logging in with Multi-Factor Authentication (MFA)
Description of the login process with MFA
Managing Multi-Factor Authentication (MFA)
How to set up and remove MFA security methods
Okta Verify for Mobile Devices
How to set up and use Okta Verify on mobile devices for multi-factor authentication (MFA)