This documentation refers to inWebo Authenticator 6 installation and configuration.

InWebo Authenticator is a One-Time Password generator App that supports push notifications as well a fully offline mode. The main terms you may encounter are the following:

  • Activation → action of enrolling, registering a device as a trusted authentication tool.

  • Device → trusted authentication tool. It may be a mobile, a computer (desktop app) or a web-browser.

  • OTP → the One-Time Password you can generate to log in.

  • Service → the environment in which your account is registered. It is usually your company.

  • Account → the space where your personal data is stored as a user in a service. You access your account settings from your Authenticator application.

  • PIN code → the personal identification number (PIN) used for authentication. It is also required to validate an important action in your account.

Download and installation

Authenticator 4 application is no longer supported on recent versions of operating systems. The current Authenticator app that we recommend installing is Authenticator 6.

See the “Migrating from Authenticator 4 to Authenticator 6” documentation.

The inWebo Authenticator 6 App is available for the following operating systems: Android / iOS / Windows / macOS.

  • For Android: Google Play Store

  • For iOS: App Store

  • For Microsoft Windows and macOS, installation files are available in the Resources Downloads page

  • For scripting and deployment purposes, the installation file for Microsoft Windows is also available in .MSI format

Authenticator app for Windows

Find below some useful information about inWebo Authenticator installation on Windows.

Install the app certificate

Below are two ways to install the certificate.

This is required to authenticate to the administration console v2 with Authenticator Desktop (see Administration Console V2)

Install the certificate by launching the app as administrator
  1. Install Authenticator manually with exe, with a non admin user

  2. Close Authenticator.

  3. Launch Authenticator as an administrator, by right clicking on the icon. This installs the certificate.

The following application launches can be done with a non admin user.

or

Install the certificate manually
  • Install Authenticator application and launch it.

  • Save the certificate in a folder on the local computer. The certificate is available in the “About” page of your installed Authenticator 6 App.

  • Rename the file in .crt format

  • Right click and select "Install certificate"

  • Select "open" and "Local Machine" in the Certificate Import Wizard screen

  • Select "Next" and "Place all certificates in the following store"

  • "Browse" Certificate store" and select "Trusted Root Certification Authorities"

  • Select "OK", "Next" and "Finish"

Silent installation

The inWebo Authenticator application can be silently installed. Run the following commands with admin privileges: "Authenticator-Windows-Setup.exe" /S

Error codes

inWebo Authenticator installer returns error codes as a result of their execution:

  • 0 - Normal execution (no error)

  • 1 - Installation aborted by user (cancel button)

  • 2 - Installation aborted by script

Upgrading Authenticator

Find below our recommendations when upgrading Authenticator on Windows.

  • Install the new version without uninstalling the previous one. This will allow you to keep the activated accounts of your Authenticator devices. If you uninstall your Authenticator application, you will lose the inWebo profiles activated on these tools.

  • Keep the same installation method (exe or msi) used to install the previous version. EXE files and MSI installers use different installation paths, so upgrading exe to msi or the other way around will not keep your users' enrollments.

To see if you have previously installed via the exe or via the msi, check the Authenticator 6 installation directory:

  • for the exe, the installation directory is: C:\users\<User_Name>\AppData\Local\Programs\authenticator6

  • for the msi, the installation directory is: C:\Programmes(x86)\Authenticator 6

To upgrade to Authenticator 6.14, you should upgrade from 6.12 only. Upgrading from Authenticator 6.8 to Authenticator 6.14 is not possible.

First app launch

To get started with Authenticator 6 app, you should first activate a device. To get a valid activation code for the first time, contact your administrator.

  1. Launch Authenticator 6 application.

  2. Check “I agree” to give your consent to the Privacy Policy.

  3. Allow Authenticator 6 to take pictures (this is used to scan QR codes).

  4. Enter a valid activation code (contact your administrator) and click the validate button.

  5. Define a new PIN code.

Your device is now activated as a trusted device.

Overview

The home page

Here you can see the standard actions you can perform by clicking on the items of the Authenticator 6 app home page.

  • Service name and logo → When clicking on your service name and logo, "Authorize a connection",
    you can check pending authentication.

  • Generate an OTP → To generate an One-Time Password with this device, when it is needed

  • My Devices → To manage your trusted devices. You can also add a new trusted device.

  • My Account → To manage your PIN code, your Antiphishing security, or initiate the account recovery (when blocked).

The menu

Here you can see the standard actions you can perform by clicking on the items of the Authenticator 6 app sidebar menu.

  • Home → To return to the home page.

  • Generate an OTP → To generate an One-Time Password with this device, when it is needed

  • My Devices → To manage your trusted devices. You can also add a new trusted device.

  • My Workstation → To manage your workstations and your scratch codes (only for Windows Logon)

  • My Account → To manage your PIN code, your Antiphishing security, or initiate the account recovery (when blocked).

  • Audit → To consult your authentication activity

  • Dark mode → To enable/disable dark mode for the app

  • Language → To switch the interface language of your App (English, French, Spanish, Deutsch, Italian, Russian, Chinese, Japanese)

Authentication

Depending on the authentication mode selected, you can receive push authentication requests on your mobile device (Authenticator mobile) or in the notification system of your computer (Authenticator Desktop).

  • During the authentication process you receive notification. Click on the notification to launch the Authenticator 6 app.

  • If requested, enter your PIN code and click the “Accept” button to validate this push authentication request.

  • You are successfully authenticated. Close Authenticator 6 application.

Configuration

Accounts

Switching to a different account

The inWebo authentication application allows you to switch between inWebo accounts if you are subscribed to several inWebo services.

  • In the inWebo Authenticator 6 app menu, click on "Accounts".

  • You get access to your activated accounts list in inWebo Authenticator 6 app.

  • Select the account you want to be authenticate with.

Adding a new account
  1. Click the “Add an Account” button at the bottom of your accounts list.

  2. You reach the activation page to add a new account on this device.

  3. Enter a valid Activation Code or scan a valid QR Code (ask your administrator).

Managing your current account

To manage your current account (the one you are currently authenticated with in Authenticator), go to “My Account” section (from the Authenticator home page or from the sidebar menu).

  • This section allows to:

    • Change your PIN → Enter your old PIN code to change for a new one.

    • Reset my PIN Code → To enter a unlock code (given by your administrator) to unlock your PIN code when locked.

    • Antiphishing → To change your Antiphishing seal - You can define a personal and secret sentence to be displayed in browser-based authentication apps whenever a personal code is requested. This helps you to verify that you are connected to a legitimate inWebo server.

    • Account recovery → You can provide an email to receive an unlock or reactivation code in case of a loss or lock of your trusted devices.

    • Register your Biokey (or Update your Biokey when already registered) → You can provide an email to receive an unlock or reactivation code in case of a loss or lock of your trusted devices.

    • Register your Biokey ( available only if the administrator enabled the option) → You can register or update your Biometric key.

My Devices

 This section will only be displayed if your administrator enabled the option in the inWebo administration console

When selecting "My Devices" section you can consult and manage the list of trusted devices.

Available actions

To rename the trusted device.

To lock a trusted device.

To delete a trusted device.

The trusted device correct status.

To display details about the trusted device:

  • the type → Authenticator application, browser-based Authenticator (VirtualAuthenticator or Helium)

  • the last authentication with the trusted device (DD/MM/YYYY hh/mm/ss)

Audit

 This section will only be displayed if your administrator enabled the option in the inWebo administration console

This section allows you to consult the activity of your account of the inWebo platforms.

  • Date: format DD/MM/YYYY hh/mm/ss

  • Action:

    • CREATE_USER → administrator created a user

    • ACTIVATE → user is activated

    • GET_OTP_FOR_SERVICE →

    • GET_ACCESS_TOKEN_FOR_SERVICE →

    • GENERATE_OTP → One-Time Password has been generated

    • DELETE_DEVICE → a trusted device has been deleted

    • UPDATE_USER → administrator updated user’s information