ESET Secure Authentication – Table of Contents

Mobile Application

The mobile application of ESET Secure Authentication makes it easy to generate OTPs or approve push authentication requests to access computers and services protected by 2FA.

The mobile application version 2.40+ supports authentication of multiple users: if you use several user accounts in a domain/network protected with 2FA, the authentication tokens of all your user accounts can be stored in a single mobile application.

The mobile application version 3.0+ supports Google Authenticator tokens. Instead of installing the Google Authenticator app, click Add account in the mobile application of ESET Secure Authentication to scan the QR code when setting up 2-step Verification with Google Authenticator. Then you can generate OTPs with the ESA Mobile App instead of the Google Authenticator App when signing in to a Google service protected by 2-step verification.

For instructions on installing and using the mobile application, click the desired mobile OS to be redirected to the corresponding knowledge article:

Android

iPhone

Setting a PIN code can protect the mobile app from unauthorized access. If biometric authentication is configured on your mobile device, you can access the mobile app faster by allowing the use of a fingerprint scanner (Android, iOS) or face recognition (iOS).

Note that in the case of a PIN-protected Mobile Application, the message Approve on phone is displayed on Android Watch when a push notification is generated.


Note

PIN-protected Mobile Application

If the Mobile Application has PIN protection enabled, it will allow a user to log in using an incorrect PIN code. This behavior is intended to protect the correct PIN code from brute-force attacks. For example, if an attacker attempts to log into the Mobile Application using an incorrect PIN code, they might be granted access, but no OTP will work. After entering several wrong OTPs, the 2FA of the user account (which the Mobile Application belongs to) will be automatically locked.

This represents a minor issue for a general user: if the user happens to log into the Mobile Application using an incorrect PIN code and then changes the PIN code to a new one, all the tokens included in the Mobile Application will become unusable. There is no way to repair such tokens; the only solution is to re-provision tokens to the Mobile Application. Therefore, we advise users to try an OTP before changing their PIN code. If the OTP works, it is safe to change the PIN code.


Note

OTPs and Whitespace

To improve readability, OTPs are displayed in the mobile application with a space between the 3rd and 4th digits. All authentication methods except MS-CHAPv2 strip whitespace from the provided credentials, so a user may include or exclude whitespace without affecting authentication.
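The two notes above can be modeled in a few lines. The following is an added sketch, not ESET code and not a description of how the product is implemented: it assumes the token seed is sealed with a PIN-derived keystream and no stored PIN check, uses RFC 4226 HOTP as the OTP algorithm, and all names, the salt, the PINs and the lockout threshold are constructed for illustration.

```python
import hashlib, hmac, struct

def keystream(pin, salt, n):
    # PIN-derived keystream; no PIN hash or checksum is stored on the device
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 10_000, dklen=n)

def seal(seed, pin, salt):
    # XOR with the keystream: every PIN "decrypts" to some plausible seed
    return bytes(a ^ b for a, b in zip(seed, keystream(pin, salt, len(seed))))

unseal = seal  # XOR is its own inverse

def hotp(seed, counter, digits=6):
    # RFC 4226 HOTP (assumed OTP algorithm for this sketch)
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def display(otp):
    return otp[:3] + " " + otp[3:]  # space between the 3rd and 4th digits

class Server:
    MAX_FAILS = 3  # constructed threshold; the page only says "several"

    def __init__(self, seed):
        self.seed, self.fails, self.locked = seed, 0, False

    def verify(self, supplied, counter=0):
        if self.locked:
            return False
        cleaned = "".join(supplied.split())  # strip whitespace before comparing
        if hmac.compare_digest(cleaned.encode(), hotp(self.seed, counter).encode()):
            self.fails = 0
            return True
        self.fails += 1
        self.locked = self.fails >= self.MAX_FAILS
        return False

def change_pin(blob, entered_pin, new_pin, salt):
    # Re-seals whatever the entered PIN unsealed, whether it was right or wrong
    return seal(unseal(blob, entered_pin, salt), new_pin, salt)

SEED, SALT = b"12345678901234567890", b"constructed-salt"  # constructed values
BLOB = seal(SEED, "4821", SALT)  # token provisioned under PIN 4821
```

In this model, a wrong PIN unseals a different seed, so the codes it produces fail at the server and count toward lockout, and `change_pin` called after a wrong-PIN login re-seals that wrong seed, which neither the old nor the new PIN can turn back into the original.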