Tell me about VeriSign VIP support

How does it work?	Deactivate a VIP credential
Enable VIP for all users	Tell me about the Unlock option
Enable VIP for select users	Tell me about VIP status
Enable VIP for yourself	Can I also enable SAML SSO?
How to get a VIP credential	Help with your VIP device

How does it work?

When VIP is enabled for a user, the user completes a two-part process to log in to our user interface. The user will enter login credentials (login name and password) followed by VIP credentials (VIP credential ID and one-time security code). Note - VIP two factor authentication impacts UI access only (not API access).

How to enable VIP authentication globally

Managers can go to Users > Setup > Security and select the option "Require VIP two-factor authentication for all users".

How to enable VIP authentication for selected users

If not enabled globally, a Manager can enable VIP authentication individually for specific users. Go to Users > User Accounts and edit the account you're interested in. Then select the option "VIP two-factor authentication" under Security.

How to enable VIP authentication for yourself

All users with login privileges can opt in for VIP authentication by registering their own VIP credential with our security service. Edit your own user account, go to the Security section and register your credential.

I don't have a VIP credential. How do I get one?

You can get a credential from the VeriSign Identity Protection Center at: https://idprotect.vip.symantec.com or https://vip.symantec.com. Each VIP credential bears a credential ID and allows the user to generate one-time security codes as needed.

How to deactivate a VIP credential

Just click the Deactivate Credential button in the user's account settings. If you are deactivating your own credential, you will be prompted to validate your credential by providing two security codes from your credential device. Important - If you deactivate your credential and VIP authentication is required for your account, you'll need to register your VIP credential the next time you log in.

Tell me about the Unlock option

You can unlock any user's credential, except your own. Once unlocked, the user will need to enter their VIP security code the next time they log in. Need to unlock your own VIP credential? Ask a Manager to do it. If you are the only Manager in your subscription, please contact Support.

Tell me about VIP status

You'll see one of these status indicators in each user's account settings:

VIP on indicator when VIP is required VIP is required and the user has registered a VIP credential.

VIP off indicator when VIP is required VIP is required and the user has not registered a VIP credential.

VIP locked indicator when VIP is required VIP is required and the user's credential is locked.

VIP on indicator when VIP is not required VIP is not required and the user has registered a VIP credential.

VIP off indicator when VIP is not required VIP is not required and the user has not registered a VIP credential.

VIP locked indicator when VIP is not required VIP is not required and the user's credential is locked.

Can I also enable SAML SSO?

We support the use of VeriSign VIP or SAML SSO. If both are turned on for the same account, SAML SSO will be used and the VeriSign VIP setting will be ignored.

Help with your VIP device

Not sure how to locate the security code or credential ID? Check these out:

Display a VIP Security Code on your VIP device

Locate your VIP Credential ID