Manualshelf

Installation guide

ManualsBrandsCelestix ManualsComputer equipmentMSA 4200 Series
11121314151617181920
7 | Page Celestix HOTPin Appliance Installation Guide
This section provides a brief overview to help system administrators become
familiar with the HOTPin system. It reviews authentication methods and
summarizes the configuration for a standard deployment. It also provides
information about how HOTPin works with Active Directory and notes for client
software platforms that have special considerations.
User Authentication
HOTPin requires a user name and passcode for login. A passcode includes
personal identification numbers (PINs) and one-time passwords (OTPs) for two-
factor authentication. A passcode for single-factor authentication HOTPin
deployments just includes an OTP. In the HOTPin system, OTPs are also
referred to as token codes. Each user has a unique token key and an
incrementing counter to create the token code. That allows more secure login to
a network from a remote device (for example, PC or mobile phone) because the
code changes each time.
In two-factor authentication, PINs can be created in three ways:
Administrators can set the PIN through the web UI.
User can set the PIN through the HOTPin User Website.
Users can create a PIN the first time they log in.
Until the PIN is created, the user account is in New Pin Mode. Once a PIN is
created, it will be used for each subsequent login.
Some organizations do not require that a PIN be included in the passcode
because they also use another form of authentication at login (like Active
Directory). While it may be sufficient to use HOTPin as single-factor
authentication in specific cases, each organization should thoroughly evaluate
the risks before choosing to disable the PIN requirement.
Token code generation methods are discussed in the following three topics.
Client Software Tokens
Software tokens, generally referred to as client software, are client software
token applications that must be installed on PC's, Macs, or mobile devices to
generate the token codes used in passcodes. The client software essentially
turns a user device like an iPhone
®
into a token. Client software may also be
referred to as a soft token.