VPN FortiToken Setup
FortiToken Mobile is an OATH compliant, event-based and time-based one-time password (OTP) generator application for mobile devices. FortiToken Mobile produces its OTP codes in an application that you can download to your Android or iOS mobile device without the need for a physical token.
FortiToken Mobile allows you to install Fortinet tokens as well as third-party tokens, including tokens for two-factor authentication used by Dropbox, Google Authenticator, Amazon, Facebook, Microsoft, Yahoo, Snapchat, PayPal, eBay, and LastPass.
Go to the Google Play store to download the free FortiToken Mobile application for Android.
Go to the Apple App Store to download the free FortiToken Mobile application for iOS.
If you do not have a iOS or Android device to use, please let us know via a ticket, and we will find an alternative for you.
Token Activation
After your system administrator assigns your token, you will receive a notification with an activation code and an activation expiration date by which you must activate your token. Depending on which option your system administrator has chosen, you will receive the activation notification either by email.
If you do not activate your token by the indicated expiration date (about 24 hours from when it is sent), you must contact the help desk ([email protected]) so that your token can be reassigned for activation.
Activating your FortiToken Mobile token
Please note that the following instructions were captured using an Apple iPhone. Certain words/phrases, visuals, and procedures may vary depending on what device and/or OS your FortiToken Mobile application is running on.
- On your device, open the FortiToken Mobile application.
If this is the first time opening the application, you will be prompted to create a PIN that will be used for secure access to your application and tokens.
If your mobile device is Touch ID protected, this (or a new PIN code) can be configured in the Info section of the application later.
- In the top-right corner, select the add-symbol ( + ). Your device's camera will show in order for you to scan the token's QR barcode; this is attached in your email notification.
Once scanned, continue to step 3.
If you received your notification via SMS, select Enter Manually to enter the token's activation key manually:
- Select Fortinet or Other to add the token as a third-party token.
- Enter your email address in the Name field, and enter the activation key in the Key field. When ready, select Done.
- Once the barcode has been scanned or the key has been manually entered, your token will become provisioned and activated, and start generating token codes immediately.
If you would like to view the OTP's digits, select the eye-icon.
Third-party Token Activation
The steps for activating a third-party token, such as those used for Google Authenticator, are the same as for Fortinet token, except make sure to select Other when entering the key manually. Depending on the token vendor, you may be able to alternatively use the barcode scanner to activate the token.
Generating OTPs
Upon entering the application and entering your PIN or passing Scan ID, your token will be visible in the home screen. The 6-digit OTP will be displayed, each lasting for 30 seconds, after which a new OTP code is generated.
If you have multiple tokens installed, they will all be listed on the home screen.
Using FortiToken Mobile tokens
- Open the application and enter your PIN/Scan ID to get to the home screen where your tokens are displayed.
- You can copy the OTP to clipboard by pressing and holding on the OTP code and selecting Copy. This can be done even if the OTP is blocked from view.
If you would like to view the OTP's digits, select the eye-icon.
- Go to where you need to present your token's OTP, such as the FortiClient VPN client, enter the OTP where required, and log in to pass the two-factor authentication process.