What Is It?
Secure console sign in via email makes end user login and password management much easier for administrators. It allows managers and end users to request a secure, one-time use login link to be sent to their email address. It's simple and fast and eliminates the need for users to memorize another password, and the need for admins to set up POP or LDAP authentication for the Mailprotector console.
How Does It Work?
A user or manager enters their email address (for end users) or username (for managers) on the normal sign-in page and, if this feature is enabled, is immediately presented with a link to "Email me a secure sign in link." After clicking the link, they receive an email message in their inbox with a 'Sign in' button that automatically logs them into their account on the Mailprotector console.
Is it Secure?
Yes, it is secure. The link functions the same way that a password reset email works. Clicking the link to "Email me a secure sign in link" generates a secure authentication token, associates that token to a unique URL, and immediately sends an email with this URL to the user who requested it. This process serves as the authentication in place of the password because access to the link requires access to the user's email inbox, and we're delivering it directly to the inbox. The link can only be used once, and it expires one hour after being generated.
How Do I Enable It?
If you're an existing partner and you want to enable this feature, you can do so from the Permissions page for a reseller, customer, domain, user group, or user in the Mailprotector Console (see screenshot below).
Troubleshooting
Sign-in links can be invalidated by other email security mechanisms that click a link before a user does, such as Microsoft's Safe Links. To troubleshoot invalid or expired sign-in links, please read Users cannot sign into Console from email link
Comments