CyLock MFA is a powerful, token-less, advanced Out-of-Band Multi-Factor Authentication (MFA) solution which provides strong authentication & authorization mechanism using end users mobile devices. CyLock MFA is designed to protect user accounts, applications and devices.
Organizations or individuals can protect their applications by using CyLock Multifactor Authentication (CyLock MFA). CyLock Portal provides administrators with the ability to manage their users, protect applications and configure various MFA parameters.
To use CyLock MFA, users have to subscribe for a plan and register their details to gain access to CyLock Portal. Read the documents carefully before using CyLock MFA effectively.
CyLock Portal will allow organization administrator or individuals to manage their user accounts, protect applications, manage devices etc. The brief description of the functionalities is given in subsequent sections.
CyLock MFA is available on
. Download CyLock MFA mobile app
to carry out authentication.
CyLock MFA Portal will allow organization administrator or individuals to manage their user accounts, protect applications, manage devices etc. The brief description of the functionalities is given in subsequent sections.
Visit www.cybernexa.com to know more about MFA plans. Subscribe to a plan. For registration, do the following:
Field | First name of the user | Validation |
---|---|---|
First Name | Doe | Accepts 2 to 30 upper-case and lower-case alphabets and space. |
Last Name | Last name of the user | Accepts 1 to 30 upper-case and lower-case alphabets and space. |
Email Address | Valid email address of the user | Accepts a valid email format. |
Phone Number | Valid phone number of the user | Accepts 10 numbers. |
Password | Password to enter the CyLock portal | Accepts minimum 8 characters and contain at least 1 lowercase,1 uppercase,1 numeric,1 special character |
Confirm Password | Confirmation password that is same as the entered password | Should match the characters provided in the Password field. |
Select Organization / Individual | Option to select the type of login. Available options are:
|
NA |
Organization Name | Name of the registering Organization | |
Name of the registering Organization | Option to select the employee count range in the organization. Available options are:
|
NA |
Note: Organization Name and Select No. of Employees fields are displayed only when Organization is selected from the Select Organization / Individual drop-down.
Note: Below is the Registration Token sample in the email.
While sending verification token, the system displays the Email Verification screen as shown below.
You can log into the CyLock MFA Platform from any of the web browser available in your system.
Note: If you already have a CyLock account then system navigates to CyLock Homepage.
If you have forgotten your password and want to change it, click “Forgot Password?” in the Login Page. The system displays Forgot Password screen as shown below.
Note:Below is the Reset Token sample in the email.
While sending the token to the registered email address, the system navigates to “Token Verification” screen as shown below.
After successful login to CyLock MFA Portal, Homepage is displayed as shown below.
Homepage displays the Login User Name / Organization Name on the top right corner of the screen. On clicking Login User Name, dropdown menu including Profile, Change Password and Logout are displayed.
Admin Dashboard includes below functional menus on the left pane of the Homepage as in Figure below. They are
On the right pane of the Homepage, basic metrics that includes Device Connected, Secured Application and Registered Users are shown. Below the metrics, Authentication History is displayed as shown in home page.
Authentication History:An audit trail lists all the authentications that has been performed by users of the Organization. The list view includes below details
The list view displays 10 transactions in a page and can be customized using the drop-down selection as shown below.
Authentication History list view is also facilitated with “Search” that allows quick search of authentication details of a User as shown below.
User Management allows Organization Administrator to add User, change User status, view / update User information and delete User from the Organization. User Management includes two types of Users, namely Portal Users and Local Users.
Portal Users have permissions to access CyLock MFA portal similar to that of Organization Administrator. In other words, Portal Users are end users who use CyLock MFA for authentication purpose.
Local Users do not have permissions to access CyLock MFA portal, but are created for authenticating them against network devices login.
From the Dashboard menu, expand User Management menu and click Portal User link, the system displays User Management Dashboard. User Management Dashboard includes metrics and List of Registered Portal Users.
Metrics includes as below:
The List of Registered Portal Users view includes below details
Note: Click “Cancel” to exit the form without saving.
The system navigates to Edit Portal User form as shown below.
Note: All fields except User Role are allowed to modify.
Note: Click “Cancel” to exit the form without saving.
Note: Click “Cancel” in Delete User popup, to exit the process without deleting the User account.
Note: Click “Cancel” to exit disabling Portal User without saving.
Local User Dashboard allows the Organization Administrator to add Local User, import Local User, change User status, view / update User information and delete User from the Organization. On clicking Local User under User Management menu, User Management – Local User Dashboard is displayed as shown below.
User Management – Local User Dashboard includes metrics and List of Registered Local Users.
Metrics displays Total Local Users – Number of Local Users.
The List of Registered Local Users view includes below details
In the New User form as shown in Figure below, enter below details.
(Recommended password is minimum 8 characters and contain at least 1 lowercase,1 uppercase,1 numeric,1 special character)
Note: Adding Local User allows the system to create First Factor Authentication (1FA). If an organization does not have an identity store like Microsoft Active Directory, they can use the local store to create and carry out first factor authentication.
The system navigates to Edit Local User form as shown in below Figure.
Note: Click “Cancel” to revert any changes.
The System displays the “Download/Upload Template” screen.
Below is the snapshot of the template file.
Note: Import is allowed for 100 user entries at a time using the template. The System displays below success message.
Below snapshot shows the sample imported data.
Note: Click “Cancel” in the Delete User popup to exit the process without deleting the User account.
Note: Click “Cancel” to exit disabling Portal User without saving.
Application allows Organization Administrator to secure new application, view locked accounts, add/view users for each secured application, change application status, view/update application information and delete an application.
From the dashboard menu, click Application to display the Application Dashboard on the right pane. Application Dashboard displays metrics and list of registered applications.
List of Registered Applications displays:
Using CyLock MFA, Organizations / Individuals can enable MFA for the below types of Applications
Note:
Pre-requisites: Securing an application requires an active CyLock MFA account. Refer “Getting Started” to start using CyLock MFA to protect your applications.
Parameter | Description |
---|---|
API Key | Read-only, auto-generated unique key |
Customer ID | Read-only, auto-generated unique key |
Server IP Address | Valid Server IP Address |
Application URL | Valid Application URL |
Application Alias | Unique Application Alias Name |
Note:
Note: Press “Back” to cancel saving the Secured Application created and go back to the previous screen.
CyLock MFA mobile app provides an option to the user to lock their application account (user) if they suspect fraudulent authentication request. Once it is locked from the mobile app, any further authentication requests will not be sent to the user’s CyLock MFA app. Only an administrator can unlock an account.
The system displays below message to confirm unlock action.
Note: Click “Cancel” to undo any changes.
Note: Click “Cancel” to exit disabling Application without saving.
The system displays “Application Information” page.
Note: Click “Back” to navigate to the List view without saving changes.
Note:
The system navigates to Application User list page as shown below.
Below is the list of all required fields and corresponding details.
Note: Multiple Application Usernames can be associated to single Portal Username
Note: Generally, PIN is recommended, as all Mobile devices might not have biometric during registration.
Note:Note: Possible value for authentication bypass ranges from 0 to 99; 9999 is for permanent bypass authentication
Administrator can perform below configurations for Application User in the Registered User List page.
After selecting View Users icon in the List of Registered Applications view, the system navigates to the Application User list view.
The System displays the “Download/Upload Template” screen.
Below is the snapshot of the template file.
Note: Import is allowed for 100 user entries at a time using the template. The System displays below success message.
Below snapshot shows the sample imported data.
Note: Click “Cancel” to exit disabling User without saving.
The system displays the “Edit Application User” page as below.
The System sends the QR code to the application user email address as shown in the below email sample.
Devices allow Organization Administrator to change default device for application user, view or update registered device information and delete registered device.
From the dashboard menu, click Devices to display the Device Dashboard on the right pane. Devices Dashboard displays metrics and List of Registered Devices as shown below.
Metrics includes Total devices that are registered, Number of Android devices and Number of IOS devices.
Registered Devices list view include below parameters
The system displays the below confirmation message
Note: The other registered device is automatically updated as “NO” in Is default status.
Click “Cancel” to avoid any changes made.
The system navigates to the Edit Registered User details screen as below.
Note: Except Geo Fencing, all parameters are read-only.
Note: If Location is inappropriate, Use “Search” option to get exact geo location.
Users can also add multiple geo-fencing for each device following the above process. If user has multiple devices registered for one application user, then for each device separate geo-fencing can be added.
In the Geo-Fencing Details, the Organization Administrator can perform below actions, if necessary.
The system displays below confirmation message.
The system throws failure message, if the registered device is default as below.
Note: Click “Cancel” in Delete User popup, to exit the process without deleting the User account.
Administrator is allowed to generate different reports such as Audit History, Request Log and Login Activity Report.
Various Audit Reports can be generated based on the Audit Table selection.
Organization Audit History displays below customizable columns that can be checked / unchecked to appear in the report.
Portal User Audit History displays below customizable columns that can be checked / unchecked to appear in the report.
Secure Application Audit History displays below customizable columns that can be checked / unchecked to appear in the report.
Application User Audit History displays below customizable columns that can be checked / unchecked to appear in the report.
Device Audit History displays below customizable columns that can be checked / unchecked to appear in the report.
Request Log page displays metrics that includes Successful Authentication, Total Request and Total Devices, and Request Response Log list.
Request Log list includes below columns, so as to track the status of User Request
The Login Activity Report provides Login and Logout time stamp of CyLock MFA Portal application by all Users.
The Organization Administrator is allowed to do critical settings to all Users across all Applications.
Field | Description | Validation |
---|---|---|
Account Limit | User account limit in an Organization can be specified | 1000 is set as default |
Device Limit | Number of Devices allowed per User | 2 is set as default |
Real Time Authentications |
|
|
Offline Authentications |
|
Select offline authentications so as to make available for User preferences |
Other Features |
|
Select other features as desired |
Note: Click “Back” to navigate to Homepage Dashboard.
Application User can perform below tasks
Device displays “Set PIN for Account” as below.
What happens after registration? We have to show the screen and options available in that.
Application can be accessed through SSL-VPN using below authentication options
FortiClient navigates to Remote Access login Screen with VPN name and Username displayed by default
The system sends Push Notification to the mobile device as below.
Note: Swipe “Suspect Unusual Activity” to select “Reject” or “Reject and block” option, if suspect fraudulent action.
The system sends CR OTP to registered Email id as below sample screenshot.
The system sends Plain OTP to registered Email id as below sample screenshot.
Click “Ok” to establish VPN Connection.