• Docs Home
• Platform
  • Multi Factor Flow
  • User Enrollment
  • Domain Attributes
• Guides
  • Admin Panel
  • User Management
  • Applications
  • Admin Logs
  • Authentication Logs
  • Administrator Roles
  • Policies
  • Hardware Tokens (OTP)
  • Software OTP Tokens
  • Email OTP
  • Bypass Codes
  • Devices
  • Phones
  • U2F Tokens
  • Push Number Matching
  • Passcode Grids
  • Enrollment Email
  • LoginTC Managed
  • MSP Hub
• End-User Guides
  • iOS App
  • Android App
  • Chrome Extension
• Video Library
  • LoginTC Basics
  • LoginTC Policies
  • User Management
  • LoginTC MSP Hub
  • LoginTC RADIUS Connector Settings
  • Cloud User Enrollment
  • On-Premises User Enrollment
  • AD FS Walkthrough
  • Cisco Walkthrough
  • Amazon Workspace Walkthrough
  • Barracuda Walkthrough
  • F5 Big-IP APM Walkthrough
  • Ivanti VPN Walkthrough
  • Microsoft RRAS Walkthrough
  • VMWare Horizon View Walkthrough
  • WatchGuard Walkthrough
  • Windows VPN L2TP
• Connectors
  • AD FS
  • Apache
  • Array Networks
  • Barracuda
  • Box
  • Check Point
  • Cisco ASA
  • Citrix NetScaler
  • Dropbox
  • F5 BIG-IP APM
  • Fortinet Fortigate
  • Freshdesk
  • Juniper
  • MariaDB
  • Netgate pfSense
  • Office 365
  • OpenAM
  • OpenVPN
  • OpenVPN AS
  • OWA
  • Palo Alto
  • PostgreSQL
  • Pulse Connect Secure
  • RADIUS
  • Two Factor Authentication (MFA) for RD Gateway (RADIUS)
  • Two Factor Authentication (MFA) for Remote Desktop Web Access (RD Web)
  • Sophos UTM
  • SonicWALL SRA
  • SiteMinder
  • Unix SSH
  • VMware Horizon View
  • Web
  • WatchGuard
  • WatchGuard Access Portal
  • Windows Logon and RDP
• Tools
  • User Sync
• REST API
  • Users
  • Domains
  • Tokens
  • Bypass Codes
  • Hardware Tokens
  • Sessions
  • Organizations
  • Client Libraries
• Downloads
• Release Notes
  • LoginTC RADIUS Connector
  • LoginTC AD FS Connector
  • LoginTC RD Web Access
  • LoginTC RD Gateway SSO
  • LoginTC Windows Logon Connector
  • LoginTC OWA
  • LoginTC Managed
  • User Sync Tool
• Service Status
• Knowledge Base
• Help

Push Number Matching

• Overview
• Enabling Push Number Matching
• Compatibility Requirements
  • LoginTC App Requirements
  • Supported LoginTC Connectors
• Using Push Number Matching

Overview

Prompts the user when authenticating on their LoginTC app to select the number that was displayed to them in the connector login screen. Helps to give the user confidence that the LoginTC authentication request they see is the one that they themselves requested, and not a malicious request from an attacker.

Enabling Push Number Matching

To enable or disable push number matching for a specific application:

1. Log in to LoginTC Admin
2. Click Applications
3. Select the application you want to modify
4. Select the appropriate application policy
5. Under Authentication Methods Scroll down to Push Number Matching
   
6. Select either Enabled or Disabled
7. Scroll down to the bottom of the page and click Save

Compatibility Requirements

LoginTC App Requirements

Push number matching require the following LoginTC App versions:

• LoginTC Android 2.3.2+
• LoginTC iOS 2.3.2+
• LoginTC Chrome 1.3.5+

If the LoginTC app version does not support push number matching the authentication will fail.

Supported LoginTC Connectors

Push number matching is compatible with:

• LoginTC AD FS Connector 1.2.1+
• LoginTC Windows Logon and RDP Connector 1.2.1+
• LoginTC OWA Connector 1.3.2+
• LoginTC RD Web Access Connector 1.4.0+
• LoginTC RD Gateway SSO Connector 1.0.0+
• LoginTC RADIUS Connector 3.0.6+

Using Push Number Matching

Authenticating with LoginTC

Here is an example of Push Number Matching with Outlook Web App.

When authenticating, the user sees a randomly-generated number shown to them at the connector login screen.

The user then has to select the correct number when approving the request:

If the user selects the correct number they are authenticated. If not, the authentication fails.

For more examples see: Push Number Matching