The message, "The Defender Security Server could not log you on. Make sure your Username and domain are correct, then type your passcode again." normally indicates that the Defender configuration is incorrect.
First thing to confirm is that you can successfully test your token response from within the Defender MMC.
Is the Desktop Login configuration correct: DSS and Access Node port is correct? Desktop Login Installation and Configuration Guide
Is the Access Node configured correctly in AD? Defender Access Node Configuration
Attempt the test again and confirm if the authentication attempt appears in the DSS log: Locating the Defender Security Server Audit Log
If the authentication attempt DOES appear in the log it should also provide a reason, e.g.: "User not valid for this route". If the authentication attempt DOES NOT appear in the log then it means the authentication attempt has not reached the DSS. The latter points to a configuration issue with Desktop Login; the former with the Access Node.