• Docs Home
• Platform
  • Multi Factor Flow
  • User Enrollment
  • Domain Attributes
• Guides
  • Admin Panel
  • User Management
  • Applications
  • Admin Logs
  • Authentication Logs
  • Administrator Roles
  • Policies
  • Hardware Tokens (OTP)
  • Software OTP Tokens
  • Email OTP
  • Bypass Codes
  • Devices
  • Phones
  • U2F Tokens
  • Push Number Matching
  • Passcode Grids
  • Enrollment Email
  • LoginTC Managed
  • MSP Hub
• End-User Guides
  • iOS App
  • Android App
  • Chrome Extension
• Video Library
  • LoginTC Basics
  • LoginTC Policies
  • User Management
  • LoginTC MSP Hub
  • LoginTC RADIUS Connector Settings
  • Cloud User Enrollment
  • On-Premises User Enrollment
  • AD FS Walkthrough
  • Cisco Walkthrough
  • Amazon Workspace Walkthrough
  • Barracuda Walkthrough
  • F5 Big-IP APM Walkthrough
  • Ivanti VPN Walkthrough
  • Microsoft RRAS Walkthrough
  • VMWare Horizon View Walkthrough
  • WatchGuard Walkthrough
  • Windows VPN L2TP
• Connectors
  • AD FS
  • Apache
  • Array Networks
  • Barracuda
  • Box
  • Check Point
  • Cisco ASA
  • Citrix NetScaler
  • Dropbox
  • F5 BIG-IP APM
  • Fortinet Fortigate
  • Freshdesk
  • Juniper
  • MariaDB
  • Netgate pfSense
  • Office 365
  • OpenAM
  • OpenVPN
  • OpenVPN AS
  • OWA
  • Palo Alto
  • PostgreSQL
  • Pulse Connect Secure
  • RADIUS
  • Two Factor Authentication (MFA) for RD Gateway (RADIUS)
  • Two Factor Authentication (MFA) for Remote Desktop Web Access (RD Web)
  • Sophos UTM
  • SonicWALL SRA
  • SiteMinder
  • Unix SSH
  • VMware Horizon View
  • Web
  • WatchGuard
  • WatchGuard Access Portal
  • Windows Logon and RDP
• Tools
  • User Sync
• REST API
  • Users
  • Domains
  • Tokens
  • Bypass Codes
  • Hardware Tokens
  • Sessions
  • Organizations
  • Client Libraries
• Downloads
• Release Notes
  • LoginTC RADIUS Connector
  • LoginTC AD FS Connector
  • LoginTC RD Web Access
  • LoginTC RD Gateway SSO
  • LoginTC Windows Logon Connector
  • LoginTC OWA
  • LoginTC Managed
  • User Sync Tool
• Service Status
• Knowledge Base
• Help

Passcode Grids

• Overview
• Enabling Passcode Grids
• Compatibility Requirements
  • Supported LoginTC Connectors
• Managing Passcode Grids
  • Associating with a User
  • Disassociating from a User
• Using Passcode Grids
  • Iframe Window
  • RADIUS Challenge Interactive
  • Windows Logon Offline

Overview

A passcode grid is a table of rows and columns. Each cell contains a 3 letter tuple. LoginTC will challenge a user to enter the value of 3 cells (i.e. B1-A5-D2). The passcode grid can be printed or saved as a PDF.

Sample passcode grid:

Enabling Passcode Grids

To enable or disable passcode grid for a specific application:

1. Log in to LoginTC Admin
2. Click Applications
3. Select the application you want to modify
4. Select the appropriate application policy
5. Under Authentication Methods Scroll down to Passcode Grids
   
6. Select either Enabled or Disabled
7. Select a timeout in seconds a challenge is valid for. Default is 300 seconds
8. Scroll down to the bottom of the page and click Save

Compatibility Requirements

Supported LoginTC Connectors

Passcode grid is compatible with:

• LoginTC AD FS Connector 1.2.1+
• LoginTC Windows Logon and RDP Connector 1.2.2+
• LoginTC OWA Connector 1.3.2+
• LoginTC RD Web Access Connector 1.4.0+
• LoginTC RD Gateway SSO Connector 1.0.0+
• LoginTC RADIUS Connector 3.0.6+

Managing Passcode Grids

Associating with a User

To associate a passcode grid with a user:

1. Log in to LoginTC Admin
2. Click Users and click the target user
3. Scroll down to Domain Memberships
4. Click Send Enrollment Email
5. The user will receive an email with a link to enroll their passcode grid and complete the association process

Disassociating from a User

To disassociate a passcode grid with a user:

1. Log in to LoginTC Admin
2. Click Users and click the target user
3. Scroll down to Passcode Grids
4. Click Disassociate Passcode Grid
5. Click Disassociate Passcode Grid

Using Passcode Grids

Iframe Window

Passcode Grid authentication with Authentication Mode Iframe for Citrix NetScaler:

The user selects Passcode Grid and is shown a passcode grid to enter the values of 3 cells. Entering the correct values corresponding the their own passcode grid will result in a successful authentication.

This works for the following connectors:

• LoginTC AD FS Connector 1.2.1+
• LoginTC Windows Logon and RDP Connector 1.2.2+
• LoginTC OWA Connector 1.3.2+
• LoginTC RD Web Access Connector 1.4.0+
• LoginTC RD Gateway SSO Connector 1.0.0+
• LoginTC RADIUS Connector 3.0.6+ (Authentication Mode: Iframe)

RADIUS Challenge Interactive

Passcode Grid works with Authentication Mode Challenge Interactive on the LoginTC RADIUS Server:

When prompted, the user enters grid and is then shown a passcode grid challenge to enter the values of 3 cells. Entering the correct values (no spaces) corresponding to their own passcode grid will result in a successful authentication.

Windows Logon Offline

Passcode Grid works in Offline mode with LoginTC Windows Logon and RDP Connector:

The user selects Passcode Grid and is shown a passcode grid to enter the values of 3 cells. Entering the correct values corresponding the their own passcode grid will result in a successful authentication. For more information: Offline Logon.

For more examples see: Passcode Grid