Sign On

The Sign On page is the first page you see on the MOVEit site. This page contains fields for your Username and Password and a Sign On button to send this information to MOVEit.

Protect Against Keystroke Loggers

Clicking on the keyboard icons next to the Username and Password fields will open a clickable keyboard which can be used to enter your authentication information. Using the clickable keyboard can help thwart keystroke loggers. If you are logging on to the MOVEit site from a public computer, it is highly recommended you use the clickable keyboard to enter your Username and Password.

When you click Sign On, your username and password are transmitted securely (via HTTPS) to MOVEit. If your sign on attempt fails, you will see an error message. If you attempt to sign on too many times in a short period of time you may get locked out of the system altogether. If you need assistance, use the Tech Support link on the Sign On page to contact someone who can help you.

If your sign on succeeds you will be rewarded with a success message.

If asked to change your password, do so.

Next, see Configure the Upload/Download Wizard.

Common Reasons Access is Denied

For security reasons, the same message is displayed to anyone who fails to sign on for any of the following reasons. (You will only be told that access was denied, not why access was denied.)

• Username is incorrect
• Password is incorrect
• Account has been suspended (for too many bad signon attempts, password aging, or manual administrator action)
• Account is not allowed to sign on from this IP address
• IP address has been locked out (for too many bad signon attempts, often with different usernames)
• Client certificate has not been provided when one is required, or a bad client certificate has been provided.

OPTIONAL SIGN ON PAGE FEATURES:

Request a Password Change

Some organizations may allow you to request an automatic password change if you have forgotten your password, to avoid a round trip though technical support staff. If this option is enabled, a Request a password change link will be present at the bottom of the Sign On page.

Clicking this link opens the Password Change Request page.

Enter your Username in the field and then click the Request Password Change button. An email will be sent to your registered email address, if your account has one, either with instructions for completing the password change, or a notice that the password change was denied. The message may ask you to click on a link to reset your password. If it does, you will have the specified amount of time to do so before the link expires. If no link is provided in the message, or if you do not receive a message within 15 minutes, you will need to contact your administrator to reset your password.

Change Languages

If your organization gives the option to change languages before signing on, MOVEit will provide links to switch the displayed language. Clicking one of the links will change the Sign On page to display in that language, and set a cookie so your language choice is used the next time you sign on.

Register and Send Files

Some organizations may allow you to self-register in order to send a package. Self-registering users are handled according to the organization's configuration as either one-time guest users or limited-time temporary users. If this option is enabled, a Register and Send Files link will be present at the bottom of the Sign On page.

Clicking this link will open the Register and Send Files page. This page has fields for your recipient's email address as well as for your email address.

Depending on how the organization has set this up, the page might also offer a "Captcha" box to provide verification that you are a person and not an automated process.

Once you enter the requested information and click the Register and Send Files button, you will either be signed in immediately or you will receive a page explaining that an email is being sent to your email address with information and instructions for completing the registration.

Single Signon

If your organization gives the option to use Single Signon, MOVEit will provide a link to show your sign on options.

Single Signon lets you sign on using an account with an Identity Provider. Your organization may be configured to use an Identity Provider that can authenticate your username and password and sign you on to multiple applications, including MOVEit.

Click Try single signon with SAML. If there are multiple Identity Providers for your organization, you are prompted to select one.

Optionally, select Remember selection so that you can bypass the Select Identity Provider step on your next signon.

Click Continue. The Identity Provider's sign on screen opens.

Enter your username and password and click OK. Provided your account information is valid, the Identity Provider authenticates you and sends the information to MOVEit. Your MOVEit Home page opens.

On subsequent signons, if you are already authenticated (via your Identity Provider) from MOVEit or another application, corporate, or network account, when you open MOVEit, you will go directly to your Home page.

Note: If you click Cancel on the Identity Provider's signon page, an error page is displayed. To sign on, you must restart your MOVEit web interface session.

Client Certificates

Your organization may require you to authenticate to MOVEit with an SSL (X.509) client certificate ("client cert"). This is common when "two-factor authentication" is required.

All client certs are either "self-signed" or "CA-signed". The "CA-" indicates that a "Certificate Authority" has signed the client cert and vouches for the identity of the bearer. Furthermore, CAs are divided into "commercial CAs" that sell client cert issue and signing services to the general public (e.g., Thawte, GeoTrust, etc.) and "corporate CAs" that perform the same client cert functions for their own users.

MOVEit supports self-signed certs, commercial CA-signed certs and corporate CA-signed certs, but only your organization can tell you which client certs it will accept for authentication. Your client cert may be delivered to you as a "*.pfx" file with a password or it may be your responsibility to request a client cert from a CA; again only your organization knows the details of this process.

Various browsers have different ways to install client certs. Internet Explorer (IE) uses the Windows Certificate Store; you can install and manage client certs through IE's "Certificate" dialog. Windows will also launch a client cert import wizard that will automatically install most client certs into IE if you just double-click "*.pfx" client cert file.

The Mozilla/Firefox line of browsers uses its own client cert store. To install client certs in these browsers you must use their "Certificate Manager".

Various browsers also have different ways to select client certs for authentication. The most common way is for the browser to simply ask you (via a pop-up dialog) about which client cert to use. When connecting to a MOVEit server, you may be prompted through your browser to select a client cert after you fill in your username and password or before you view the sign on screen.

However, most browsers also have options to automatically present a client cert if you only have one installed or not ask you about picking a client cert if you did not present one. In these cases you may be using client cert authentication behind the scenes (in the "one cert, so don't ask" case) or not at all (in the "no certs installed, so don't ask" case).

Finally, the private key on your client cert may be password protected. If this is the case you may need to type in the password you created when you opted to protect this client cert or key store as well. (Usually, such prompting takes place once per session.)