The Sign On page is the first page you will see from the MOVEit DMZ site. This page contains fields for your Username and Password and a "Sign On" button to send this information to MOVEit DMZ.
Clicking on the keyboard icons next to the username and password fields will open a clickable keyboard which can be used to enter your authentication information. Using the clickable keyboard can help thwart keystroke loggers. If you are logging on to the MOVEit DMZ site from a public computer, it is highly recommended you use the clickable keyboard to enter your username and password.
If your organization supports multiple languages, MOVEit DMZ will provide links to switch the displayed language. Clicking one of the links will change the Sign On page to display in that language, and set a cookie so your language choice is used the next time you sign on.
When you press the Sign On button, your username and password are transmitted securely (via HTTPS) to MOVEit DMZ. If your sign on attempt fails, you will see an error message. If you attempt to sign on too many times in a short period of time you may get locked out of the system altogether. If you need assistance, use the "Tech Support" link on the Sign On page to contact someone who can help you.
If your sign on succeeds you will be rewarded with a success message.
The page you will see immediately after signing on depends on how you got to the sign on page in the first place. If you clicked a link from your web browser or typed a short URL into your browser, you are now most likely at the Home Page. If you clicked a link from an email notification, you are now either looking at a package or file.
For security reasons, the SAME message is displayed to anyone who fails to sign on for any of the following reasons. (You will only be told that access was denied, not WHY access was denied!)
Some organizations may allow you to request an automatic password change if you have forgotten your password, to avoid a round trip though technical support staff. If this option is enabled, a "Request a password change" link will be present at the bottom of the signon page.
Clicking this link opens the Password Change Request page. This page will prompt you for your username and provide instructions for completing the password change process. Once you enter your username and click the Request Password Change button, an email will be sent to your registered email address, if your account has one, either with instructions for completing the password change, or a notice that the password change was denied.
This page is displayed if you click a "Request a password change" link at the bottom of the signon page.
Enter your username in the field and then click the "Request Password Change" button.
An email message with more information about the password reset process will be sent to your registered email address. This message may ask you to click on a link to reset your password. If it does, you will have the specified amount of time to do so before the link expires. If no link is provided in the message, or if you do not receive a message within 15 minutes, you will need to contact your administrator to reset your password.
Some organizations may allow you to self-register in order to send a package. Self-registering users are handled according to the organization's configuration as either one-time guest users or limited-time temporary users. If this option is enabled, a "Register and Send Files" link will be present at the bottom of the signon page.
Clicking this link will open the Register and Send Files page. This page has fields for your recipent's email address as well as for your email address.
Depending on how the organization has set this up, the page might also offer a "Captcha" box to provide verification that you are a person and not an automated process.
Once you enter the requested information and click the Register and Send Files button, you will either be signed in immediately or you will receive a page explaining that an email is being sent to your email address with information and instructions for completing the registration.
Your organization may require you to authenticate to MOVEit DMZ with an SSL (X.509) client certificate ("client cert"). This is common when "two-factor authentication" is required.
All client certs are either "self-signed" or "CA-signed". The "CA-" indicates that a "Certificate Authority" has signed the client cert and vouches for the identity of the bearer. Furthermore, CAs are divided into "commercial CAs" that sell client cert issue and signing services to the general public (e.g., Thawte, GeoTrust, etc.) and "corporate CAs" that perform the same client cert functions for their own users.
MOVEit DMZ supports self-signed certs, commercial CA-signed certs and corporate CA-signed certs, but only your organization can tell you which client certs it will accept for authentication. Your client cert may be delivered to you as a "*.pfx" file with a password or it may be your responsibility to request a client cert from a CA; again only your organization knows the details of this process.
Various browsers have different ways to install client certs. Internet Explorer (IE) uses the Windows Certificate Store; you can either install and manage client certs through IE's "Certificate" dialog (located on the "Content" tab under IE7's "Tools" menu). Windows will also launch a client cert import wizard that will automatically install most client certs into IE if you just double-click "*.pfx" client cert file.
The Mozilla/Firefox line of browsers uses its own client cert store. To install client certs in these browsers you must use their "Certificate Manager". In Mozilla (1.7), this facility is found in the "Privacy & Security" options tree. In Firefox (2.0), this facility is found in the "Encryption" options tab ("View Certificates" button).
Various browsers also have different ways to select client certs for authentication. The most common way is for the browser to simply ask you (via a pop-up dialog) about which client cert to use. When connecting to a MOVEit DMZ server, you may be prompted through your browser to select a client cert after you fill in your username and password or before you view the sign on screen.
However, most browsers also have options to automatically present a client cert if you only have one installed or not ask you about picking a client cert if you did not present one. In these cases you may be using client cert authentication behind the scenes (in the "one cert, so don't ask" case) or not at all (in the "no certs installed, so don't ask" case).
Finally, the private key on your client cert may be password protected. If this is the case you may need to type in the password you created when you opted to protect this client cert or key store as well. (Usually, such prompting takes place once per session.)