Carbonio Auth for users#

Carbonio Auth features a dedicated settings page (see Fig. 15) to manage all user-side credential and features, such as the account and EAS Mobile Passwords, Mobile App QR Codes, and OTP for 2FA.

Carbonio Auth settings page overview#

The Carbonio Auth settings page can be accessed from the right-hand side menu. Users do not need any CLI access to use the Carbonio Auth.

The creation of a new credential allows to give access to the account, possibly including the Zextras Mobile Apps, to other persons without having to share the personal credentials.

../_images/authpage.png

Fig. 15 The Carbonio Auth settings page.#

From the settings page, the user can:

  • Change the password of the currently logged in user

  • Add new credentials in the dedicated pages, accessible by clicking Exchange ActiveSync, Mobile Apps, or OTP Authentication

  • Check the status and other information for all Exchange ActiveSync and Mobile Apps credential created. In each section, entries in the list display the label of the password, its status, the service it is valid for, and its creation date.

  • Check the status and other information for every One Time Password created. Here, each entry shows a description, its status, the failed attempts, and its creation date.

  • Manage the 2FA access. Each user can decide whether to enforce access using 2FA, unless its use has been enabled or disabled at COS, domain, or global level.

  • Delete any credential created

Important

Users can in no case modify their assigned username, change the password of credentials they generate, or modify any property of the credential. Limited editing of a credential is strictly limited to the administrators.

In the remainder of this section, we give an overview of the various possibilities to create new credentials and provide instruction to add or delete them them.

Change Password#

In order to change password, click Change Password. Here, you need to provide the current password, then enter twice a new one (see Fig. 15.

Hint

Make sure you use a robust password, which includes lowercase and uppercase letters, numbers, characters, and is at least *8 characters long.

To save the new password, click the blue CHANGE PASSWORD button.

Create New Credentials: EAS#

To create a new Password for EAS service, click Exchange ActiveSync, then NEW AUTHENTICATION +. Here, enter an easy to remember identifier for the password in the Authentication description field.

../_images/eas1.png

Then click CREATE PASSWORD: the new Mobile Password will be displayed.

../_images/eas2.png

Finally, click the COPY PASSWORD button to copy the password to the clipboard.

Warning

Mobile Passwords are randomly generated and cannot be displayed again after the creation is complete.

Click DONE to close the Carbonio Auth window. An entry for the new Mobile Password is now visible in the Active Passwords list of the Carbonio Auth Zimlet.

Create New Credentials: Mobile Apps#

Carbonio Auth can speed up and manage Zextras Application logins, such as those for the APPs for Mobile Devices. This is achieved through the creation of a QR Code, which the user can then scan from the App’s login page to log in. The procedure is very similar to the one described in the previous section.

Warning

QR Codes are a one-time credential only, meaning that once generated it will grant access to the app until the relevant credential itself is deleted from the account. Once generated, the QR Code can only be viewed once.

In order to create a new QR Code for Mobile Application, open the Carbonio Auth Zimlet and click Mobile Apps, then NEW AUTHENTICATION +. Here, enter an easy to remember identifier for the password in the Authentication description. Click CREATE PASSWORD and the new QR code for Mobile Application will be displayed. You can use the Zextras mobile app to frame the code and grant access to the app.

Warning

QR Codes are randomly generated and cannot be displayed again after the creation is complete.

Click DONE to close the Carbonio Auth window. An entry for the new Mobile Application is now visible in the Active Passwords list of the Carbonio Auth Zimlet.

Create New Credentials: OTP#

In order to create a new One Time Password access, open the Carbonio Auth Zimlet and click OTP Authentication, then NEW OTP + to open a dialog in which you have to enter a unique label to identify the OTP.

../_images/otp1.png

You will be presented with the QR code: scan it with your smartphone or copy it (as string) to the clipboard, then click NEXT to see the list of PIN codes to be used for authentication.

../_images/otp2a.png
../_images/otp2b.png

Next, click the PRINT PIN CODES button to print the codes on paper or to a file. The printed document includes all the codes, the username/e-mail address for which they are valid and instructions to use them.

../_images/otp3.png

Warning

QR codes and their associated PINs are randomly generated and cannot be displayed again after the creation is complete.

Finally, click DONE to close the Carbonio Auth window. An entry for the new OTP entry will be shown in the list.

Note

The Description is automatically created using the email address to which it is associated.

Delete Credentials#

In order to delete a credential, simply select it from the list of Active passwords or OTPs, and click the DELETE x button:

../_images/delete_credential.png

Click YES to confirm the removal of the credential.