How to use Windows logon

This section explains how to use the Windows logon for general users.

This manual is intended for those who have been implemented in large scale implementation procedures.

Table of Contents

1. Windows Logon setup

To use the Windows logon service, you need to log on to the PC once. The first time you log on, the system will automatically set up and allow you to use two-factor authentication with YubiKey the next time you log on.

1-1. Checking the network connection

Launch the PC and click the network icon at the bottom right of the logon screen.
Make sure you are connected to the network.

If the PC is not connected to the network, please make a network connection.

1-2. Automatic setup

Log on to the PC with the Windows “password” only.

If the PC is connected to the network at logon, the automatic setup will be completed.
Next time you log on, you can use two-factor authentication.

If you do not switch to two-factor authentication
Please review the network connection of the PC and log on to the PC again.

2. How to use Windows logon

Explains how to use two-factor authentication using YubiKey.

Boot the PC and display the logon screen.
Make sure that “YubiOn®Wls CredentialProvider” is displayed.

If you don’t see “YubiOn®Wls CredentialProvider”, click on the “sign-in options” and then click on the “YubiOn” icon.

Plug the YubiKey into the USB port.
Make sure that the metal part in the center lights up.

Input your Windows password in the input field.

After inputting the password, tap on the metal part of the YubiKey.
Tap YubiKey and it will automatically input “Enter Key” after the one-time password output.

After inputting YubiKey, if “Windows password” and “One-time password of YubiKey” are correct, the logon will be successful.

About offline authentication
・To enable offline authentication, the PC must be successfully authenticated online once.
・Each time the PC is successfully logged in, the offline authentication period is updated.
 e.g. If the offline expiration date is set to 3 days.
   If the PC is successfully logged on on April 1st, offline authentication will be enabled from April 1st to April 3rd.
   If the PC is successfully logged on during the above period, it is effective for an additional 3 days from the date of successful authentication.
・Please contact your administrator for the offline expiration date.

3. If you can’t log on to your PC

When you cannot log on to a Windows PC, this state is called “PC lock”. The PC will be locked when “Failed to login a certain number of times” or “Locked by an administrator”. If the PC is locked, the password field is hidden and the message “Machine is locked” is displayed.

About the function of unlocking the PC after a certain time
If the administrator has set “unlock after a certain period of time”, the PC will be unlocked automatically after a certain period of time.
The PC is unlocked when the PC connected to the network starts up.

If the PC is not unlocked after a certain period of time, or if you want to unlock the PC immediately, please contact your administrator.

4. Temporarily log on with a password only

When you can temporarily log on to a PC with only a password, this is called an “emergency logon” state. This mode can only be set by the administrator.

When an emergency logon occurs, the message “Emergency Logon Mode” will be displayed on the logon screen. You can log on by entering only your password in the input field.

5. How to check version

In the Start menu > Settings > Apps search box, enter “WindowsLogonService Client Tool”. Click on Client Tools and the version number will be displayed.