Mtoken CryptoID User Manual PDF
Mtoken CryptoID User Manual PDF
mToken CrytpoID
Product version
V3.0
Revision Record
Contents
1. MTOKEN CRYPTOID PRODUCT OVERVIEW ................................................... 3
|
Public
mToken CryptoID User Manual
1.1. Challenge
On the other hand, network security issues are prominently increasing; whereas in
traditional process of network security authentication, “username + password”
authentication method is used frequently, this kind of strategy is easy but insecure.
Meanwhile PKI systems and network security technology based on portable hardware is a
new and trending development in digital security to ensure data privacy, confidentiality
and availability. Embedded with secure element and smart card chip technology, Century
Longmai’s mToken CryptoID is a PKI USB authenticator utilizing CCID drivers for highly
robust authentication and verification deployments across multi-industry. The CCID
drivers work to protect the USB connection and are therefore less susceptible to packet
sniffing thus providing stronger authentication.
The mToken CryptoID product could be seamlessly integrated with the exiting PKI
applications, like Web, E-mail, VPN, Windows Smart card logon, etc. The end users of
mToken CyrptoID benefit from driverless Plug & Play operations (without need to
manually install any software), which allows for unproblematic yet secure verification of
users in web services, E-mail protection, VPN login, Windows smartcard logon for both
network and local based authentication.
|
Public
mToken CryptoID User Manual
mToken CryptoID PKI Certificate Utility is an easy to operate GUI application used to
conveniently manage mToken device.
Please run CryptoIDE_Setup.exe to install.
3. Advanced configuration
1. Start mToken CryptoID PKI Certificate Utility, all the connected devices will be
auto-detected and listed in the left Panel.
2. Then select a device name, detailed information about connected token will be
shown in the right Panel.
|
Public
mToken CryptoID User Manual
To change the token’s name, select Change Token Name in the left tree and
input a new name in the dialog box, click Set to save changes.
|
Public
mToken CryptoID User Manual
Note: The token will be locked after ten times wrong PIN inputs. In this case, user has to
contact the developer to unlock it.
The remaining trials are independent of reconnection and time, but will restore to default
value after successful PIN verification.
User can check the “User PIN Try Times” by clicking the device name in the left
tree.
After successful login the Certificate Utility, you can view the available containers and
certificates in them.
|
Public
mToken CryptoID User Manual
Double-click the certificate or click the View button to see the detailed information in the
Certificate dialog box (as seen below)
|
Public
mToken CryptoID User Manual
The system information is displayed when click the “system information” item from the
utility.
The “Rescan” button could be used to rescan the system and the “export” button could
export the system information into a txt file for diagnosis.
The “Check version” button is for new version detection, if there is new version
middleware released, this button could help the end user upgrade to it easily.
|
Public
mToken CryptoID User Manual
mToken CryptoID PKI Manager is designed to manage the token device, including
Device initialization, SO PIN setup, device Unlock, ISO download and Certificates
management.
1. Starts the mToken CryptoID PKI Manager, all the connected mToken
2. Then select a device name, the detail information of the connected token
|
Public
mToken CryptoID User Manual
To import certificate into the mToken CryptoID, perform the following operations:
1. Select Certificate in the left tree and input correct User PIN.
2. Click Import Certificate button.
3. Click Browser button to select a certificate.
4. Input its correct password if needed.
5. Select New Container Name (manually input a name or use an auto-name
by clicking Random Name button)
6. Select Existing Container (choose from drop-down list).
7. Select the type of the key.
8. Click OK button to import the key.
|
Public
mToken CryptoID User Manual
Note:
1. A container can contain up to two certificates, but must different type; for
example, the first one’s type is Key Exchange, the other one must be Signature
and vice versa.
2. If it contains multiple certificates, you can select “All certificates” option to
import the certificate chain.
You can delete containers and certificates quickly with mToken CryptoID Manager.
Select a container and click Delete Container button (all certificates in it will be
deleted).
Note: You can only delete certificate through deleting the container.
Min PIN length and Max PIN length are limited to 6~32 characters while Max PIN
try count is limited to 15 trials.
Note: Initialize function should be used carefully, because all containers and certificates
will be cleared during this process. In addition, all PINs (including SO PIN) will be reset.
If the device administrator needs to change SO PIN, please directly use PKI
Manager to for this modification.
|
Public
mToken CryptoID User Manual
In case the user forgets the PIN (user PIN); manager can use mToken CryptoID PKI
Manager to unlock the device.
Note: The length of the PIN has to be limited by the Min PIN and MAX PIN length.
The token supports remote unlock by Request/Response mechanism if the user pin is
locked.
1. Select “Remote unlock” from the tree and show the dialog:
|
Public
mToken CryptoID User Manual
2. Click “Generate” button to generate the unlock request, please keep the dialog
and don’t plug out the token during the unlock process.
3. Run the “CryptoIDUnlock.exe” to generate the response code with the correct
SO Pin and generated challenge code:
4. Fill the generated response code and new user pin to unlock it.
|
Public
mToken CryptoID User Manual
If the user has mToken CryptoID Middleware installed, the mToken CryptoID tray icon
will display upon connecting mToken CryptoID device.
Right-click the tray icon to diplay the three functions shown in figure above.
① Show Main Window --- Click to start PKI Certificate Utility.
② Settings --- Click here to configure URL and warning period for expired
certificate.
|
Public
mToken CryptoID User Manual
|
Public
mToken CryptoID User Manual
Established in 2003, Century Longmai Technology Co., Ltd is one of the most leading information
security device vendors in China with over 12 years’ experience developing latest generation of
digital security solutions and products for secure information access and transmission. Our
product portfolios include PKI dongles, wireless PKI tokens, OTP tokens, smart card, smart card
readers, electronic document protection solution, software license dongles , Smartcard readers
and OEM services. Proved to be secure and convenient, our solutions and products are dedicated
to help customers build safe, efficient and sustainable networks, financial systems and enjoy
secure access to data and information everywhere whenever they want.
3rd Floor, GongKong Building, No.1, WangZhuang Road, Haidian District, Beijing, China
Postcode: 100083
Tel: (86) 10-62323636 | Fax: (86) 10-62313636
Sales E-mail: [email protected] Support E-mail: [email protected]
Website: http://www.longmai.net
|
Public