Getting Started - Sign On

The Sign On page is the first page you will see from the MOVEit DMZ site. This page contains fields for your Username and Password and a "Sign On" button to send this information to MOVEit DMZ.

signon1.png (34060 bytes)

Clicking on the keyboard icons next to the username and password fields will open a clickable keyboard which can be used to enter your authentication information. Using the clickable keyboard can help thwart keystroke loggers. If you are logging on to the MOVEit DMZ site from a public computer, it is highly recommended you use the clickable keyboard to enter your username and password.

signon_keyboard.png (60504 bytes)

If your organization supports multiple languages, MOVEit DMZ will provide links to switch the displayed language. Clicking one of the links will change the Sign On page to display in that language, and set a cookie so your language choice is used the next time you sign on.

signon6.png (37938 bytes)

When you press the Sign On button, your username and password are transmitted securely (via HTTPS) to MOVEit DMZ. If your sign on attempt fails, you will see an error message. If you attempt to sign on too many times in a short period of time you may get locked out of the system altogether. If you need assistance, use the "Tech Support" link on the Sign On page to contact someone who can help you.

signon3.png (4087 bytes)

If your sign on succeeds you will be rewarded with a success message.

signon2.png (5104 bytes)

The page you will see immediately after signing on depends on how you got to the sign on page in the first place. If you clicked a link from your web browser or typed a short URL into your browser, you are now most likely at the Home Page. If you clicked a link from an email notification, you are now either looking at a package or file.

Common Reasons Access is Denied

For security reasons, the SAME message is displayed to anyone who fails to sign on for any of the following reasons. (You will only be told that access was denied, not WHY access was denied!)

Requesting a Password Change

Some organizations may allow you to request an automatic password change if you have forgotten your password, to avoid a round trip though technical support staff. If this option is enabled, a "Request a password change" link will be present at the bottom of the signon page.

signon_passchange.png (42011 bytes)

Clicking this link will open the Password Change Request page. This page will prompt you for your username and provide instructions for completing the password change process. Once you enter your username and click the Request Password Change button, an email will be sent to your registered email address, if your account has one, either with instructions for completing the password change, or a notice that the password change was denied.

Client Certificates

Your organization may require you to authenticate to MOVEit DMZ with an SSL (X.509) client certificate ("client cert"). This is common when "two-factor authentication" is required.

All client certs are either "self-signed" or "CA-signed". The "CA-" indicates that a "Certificate Authority" has signed the client cert and vouches for the identity of the bearer. Furthermore, CAs are divided into "commercial CAs" that sell client cert issue and signing services to the general public (e.g., Thawte, GeoTrust, etc.) and "corporate CAs" that perform the same client cert functions for their own users.

MOVEit DMZ supports self-signed certs, commercial CA-signed certs and corporate CA-signed certs, but only your organization can tell you which client certs it will accept for authentication. Your client cert may be delivered to you as a "*.pfx" file with a password or it may be your responsibility to request a client cert from a CA; again only your organization knows the details of this process.

Various browsers have different ways to install client certs. Internet Explorer (IE) uses the Windows Certificate Store; you can either install and manage client certs through IE's "Certificate" dialog (located on the "Content" tab under IE7's "Tools" menu). Windows will also launch a client cert import wizard that will automatically install most client certs into IE if you just double-click "*.pfx" client cert file.

The Mozilla/Firefox line of browsers uses its own client cert store. To install client certs in these browsers you must use their "Certificate Manager". In Mozilla (1.7), this facility is found in the "Privacy & Security" options tree. In Firefox (2.0), this facility is found in the "Encryption" options tab ("View Certificates" button).

Various browsers also have different ways to select client certs for authentication. The most common way is for the browser to simply ask you (via a pop-up dialog) about which client cert to use. When connecting to a MOVEit DMZ server, you may be prompted through your browser to select a client cert after you fill in your username and password or before you view the sign on screen.

However, most browsers also have options to automatically present a client cert if you only have one installed or not ask you about picking a client cert if you did not present one. In these cases you may be using client cert authentication behind the scenes (in the "one cert, so don't ask" case) or not at all (in the "no certs installed, so don't ask" case).

Finally, the private key on your client cert may be password protected. If this is the case you may need to type in the password you created when you opted to protect this client cert or key store as well. (Usually, such prompting takes place once per session.)