4.8 Setting Up a Passphrase

A SecureLogin passphrase is a question and response combination used as an alternative form of identity verification. Passphrase functionality protects SecureLogin credentials from unauthorized access and enables users to access SecureLogin in offline mode. Passphrases can also be used as a substitute authentication mode if for example, a user forgets their password. Depending on the administrator’s preferences SecureLogin passphrase questions can be generated by the administrator and/or the user.

If a passphrase has previously been configured this dialog box will not display and the installation is complete.

Administrators can also set up SecureLogin passphrase questions for their users and enforce strict policies on answers. For more information, see Novell SecureLogin 6.0.SP1 Administration Guide.

NOTE:During installation, SecureLogin passphrase security is enabled to enforce passphrase setup during initial login. Administrators can disable the passphrase policy of SecureLogin by unchecking the Use Passphrase Policy check box in the Advanced Settings pane of the Administrative Management Utility.

IMPORTANT:System administrators must be aware of the possible implications for user’s data security if passphrases are disabled.

Passphrase Setup dialog box

On initial login to SecureLogin all users are requested to save a passphrase response. It is important that this response is easy to recall as it cannot be viewed by anyone.

As administrator, and therefore first user of SecureLogin, you must create a passphrase question for yourself.

  1. Specify a question in the Enter a question field.

  2. Specify an answer in the Enter the answer field.

  3. Specify the answer again in the Confirm the answer field

  4. Click OK. Your passphrase is saved and SecureLogin is installed on the administration workstation.

NOTE:

  • When you upgrade, SecureLogin stores all user data, including the user’s passphrase question and response, from the previous version. The creation of a new passphrase question or answer is not required.

  • You can create passphrase questions for users to select from, in a directory environment. However, since you are the first SecureLogin user, you must create your own passphrase question. For more information about passphrases and instructions for creating passphrase questions for users, see Novell SecureLogin 6.0.SP1 Administration Guide.