Installation guide

Celestix HOTPin Appliance Installation Guide Page | 62

 Token Override – Yes indicates the user account can log in without a

token code.

 Token Provider – displays the token method assigned to the user

account.

Note: Your organization may have had additional customized

options created

 (none) – indicates that users will either run client software on a

user device (for example: mobile phone, PC) or use an external

key (like a key fob hard token).

Note: An external key can only be assigned by an

administrator.

 ClxEmailOtp – uses email or email-to-SMS to send a token

code to the user.

 ClxHttpOtp – generally used to send the code to an SMS server

that will then send it to a user's mobile device.

ClxSmsOtp – sends the code to a user’s mobile device through

an SMS modem that you connect to your appliance.

 Locked Out – Yes indicates the user has exceeded the maximum

authentication failures limit (HOTPin|Settings|Authentication).

 Enabled – Yes indicates the user account is active and has login

privileges.

Access these task functions on the Users screen:

 New – create a new HOTPin user manually. See the Add a User topic

for more information.

 Properties – edit an existing user; select one or multiple users to

enable. See the Change User Account Settings topic for more

information.

 Delete – remove user accounts; select one or multiple users to enable.

This action is not reversible. If the user may need access again, you can

disable the account (HOTPin|Users|Properties|General|Account is

enabled).

 Import – add users from AD or a text file through an import wizard. See

the Import Users topic for more information.

 Unlock – enable access for users who have exceeded the maximum

authentication failures limit (HOTPin|Settings|Authentication). Select a

user account that has been locked out to enable the button.

Note: Successful authentication will reset the authentication failure

counter.

 New Key – create a new token key for a user account. Select one or

multiple user accounts to enable.

Notes:

 If the account has now been assigned the client software token

generation method, the new token will need to be imported to

the user’s device.

 If the account had been assigned an external key, it will be

unassigned and then an internal key will be applied.