SyferLock GridBasic User Guide 2 4 2 0

GridBasic™ Security Authentication
User Guide 2.4.2.0
SyferLock Technology Corporation™ reserves the right to make changes to any portion of its products at any time, without any notification to any person or entity.
Export authorization from the U.S. Department of Commerce may be required prior to export of SyferLock Technology Corporation™ products and technologies.
©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

System and method U.S. Patented 7,143,440 Additional U.S. and Foreign Patents Pending.
User Guide
11/19/2008
Table of Contents
Overview .................................................................................................................................... 3
User Name Login .......................................................................................................................... 4
Register a New User ...................................................................................................................... 5
GridGuard™ Login ........................................................................................................................ 7
Manage GridPass™....................................................................................................................... 9
User Administration ..................................................................................................................... 12
APPENDIX A – GridBasic™ Password Position Options ......................................................................... 15
APPENDIX B – MyGrid™ Samples .................................................................................................. 17
APPENDIX C – Frequently Asked Questions ....................................................................................... 22
APPENDIX D – Terminology .......................................................................................................... 23
2 of 25
SyferLock Technology Corporation™ reserves the right to make changes to any portion of its products at any time, without any notification to any person or entity. Export
authorization from the U.S. Department of Commerce may be required prior to export of SyferLock Technology Corporation™ products and technologies.

User Guide
11/19/2008
Overview
As more and more enterprise employees work remotely, from home offices or from mobile locations, the need for
reliable and secure application access is growing While current solutions can leverage SSL to provide a secure
connection over the internet, they cannot protect against threats on the remote computer such as key loggers, stored
browser passwords, or simple shoulder surfing. The GridGuard™ authentication system can help. By converting
existing password into a secure one-time code that changes every time, your password will be protected against many
common threats.
In addition to offering enhanced authentication into applications and allowing a one-time password log-in replacement
of static log-ins, Grid provides enhanced features such as detailed account history and monitoring at the user level
which assists in anomaly detection and detecting fraudulent account activity. This information can also be exported
into master corporate audit and compliance information records and databases.
With GridBasic™ authentication system uses a “one-to-one” mapping. In this case the GridPass™ that the user enters
always refers to a unique password with no ambiguity. This is done by entering digits for each character in your
password.
Within this guide, you will be walked through the 4 main areas of functionality:
User Name Login Register a New User
GridGuard™ Login Manage GridPass™
3 of 25

User Guide
11/19/2008
User Name Login

To login to your application using GridGuard™, simply enter your network user name.
If this is the first time that you are using GridGuard™, the system will launch the Register New User screen. You will
be required to enter your domain password and define the GridPass™ target corner.
If you enter an incorrect or invalid user name, the system will reset to the User Name Login page and any selections
made will not be saved.
4 of 25

User Guide
11/19/2008
Register a New User

If this is the first time that you are using the GridBasic™ system, you will need to register as a user and define a
targeted GridPass™ corner. This is the corner that you will use to login.
At the Register a New User screen, there are 2 required steps to complete. The following will walk you through
defining the fields and expected values for each of those steps.
Step 1: Verify Password – This password is your network password. Remember, it is case sensitive and will be
masked (not displayed). Please enter the value and go to Step 2.
Step 2: Select GridPass™ Corner - The GridPass™ corner selection is necessary as it will define the target
corner from which the user will enter in the GridCode™ value. To select the corner, click the radio button that
corresponds to the desired corner.
If you do not wish to register at this time, click the Cancel button which will bring you back to the login page to enter
your user name.
Once Steps 1 and 2 have been completed, click the Save button. If all fields have been successfully completed, you
will receive a registration confirmation. Once this is received, click the OK button and you will be able to login.
TIP: When using the keyboard to navigate through the Register a New User screen, once you tab to the Select
GridPass™ Corner section, you may then use the arrow keys to select your grid corner.
5 of 25

User Guide
11/19/2008
If you entered an incorrect or invalid password, you will be taken back to the screen to enter your user name with an
error message on the screen indicating an incorrect user name or password was entered.
Registration Confirmation
Within Register a New User, you will be able to launch the GridGuard™ video that will show you how to use the
system. To launch the video, click the green arrow in the middle of the video player and a separate window will launch
to play the video.
6 of 25

User Guide
11/19/2008
GridGuard™ Login
Once you have successfully registered, you will be brought to the GridGuard™ Login page. To login, you will simply
replace each letter or symbol in your password with the value in the target corner that you chose when you registered.
NOTE: The following Grid (two digits in each corner) is one option that you may see. For other options, please reference Appendix A. For
examples of what each of the MyGrid layout options look like, please reference Appendix B.
7 of 25

User Guide
11/19/2008
For example if the user password is ‘grid’ and corner you selected was ‘upper left corner’, leveraging the screen below,
the user would enter “41484774”. This corresponds to the following substitutions: g = 41; r = 48; I = 47; d = 74.
Once you have entered your GridCode™, you will be able to login to your application, manage your GridPass™ or
cancel by selecting the Logout button.
If the Login button is selected, the system will validate the GridCode™ value entered.
If you select the Manage GridPass™ button, the system will launch the Manage Password and Account Dashboard
screen. Within Manage Password and Account Dashboard, you will be able to change the target corner selection as
well as review the last 15 activities that occurred on your account. For further information on Manage Password and
Account Dashboard functionality, review the Manage GridPass™ section of this guide.
8 of 25

User Guide
11/19/2008
Manage GridPass™
Manage Password and Account Dashboard will allow you to manage your target corner selections and view
transactions that occurred against your account in the Account Activity section.
9 of 25

User Guide
11/19/2008
Change Password Corner
Users change their target corner selection for their password. To successfully change the corner selection, click
the position that is desired. This will select the button and highlight the corresponding text to indicate the
selection is made. To clear any selections or entries made, click the Cancel button. You will remain on the
screen, however all selections and entries will be cleared. To save changes, click Save. If the password corner
selection was saved successfully, a confirmation will appear at the top of the screen.
Change Password Corner Selection
Corner Change Confirmation
10 of 25

User Guide
11/19/2008
Recent Account Activity
The Recent Account Activity section provides the user with a history of last 15 activities that occurred with their
username and password. Activities include successful and failed logins(Login Attempt), successful corner
changes and administrator account resets. In addition to the activity, the system displays the date, time, and IP
Address from where the activity was initiated.
By providing this visually , users are more aware of the activities that are occurring and can escalate any
unexpected behavior.
Recent Account Activity
Once you are done in the Manage Password and Account Dashboard screen, click the Logout Button. This will bring
you back to the screen where you can enter your user name.
TIP: When finished in Manage Password and Account Dashboard, select the Logout button. It is not recommended to
use the browser back button.
11 of 25

User Guide
11/19/2008
User Administration
User Administration is a feature within Manage GridPass™ that is available to those individuals who are assigned Grid
Admin rights.
Grid Administrators can reset a user’s account information which forces them to re-register, change a user’s password
corner, and have visibility to that user’s account activity.
12 of 25

User Guide
11/19/2008
To access User Administration, the Grid Administrator selects the User Administration button from within the Manage
Password and Account Dashboard screen.
Once the User Administration button is selected, the Grid Administrator will be prompted to search for the domain user
that requires management on their account.
13 of 25

User Guide
11/19/2008
To search on a user, enter the User Name and select the Search button. This user must be a valid, active user in
Active Directory. Once the system validates the user, the Administrator will be brought to the User Administration,
Manage Password and Account Dashboard screen. For invalid or non-existing users, an error is displayed and you will
be able to search on another user.
Invalid User Error Message
On the User Administration, Manage Password and Account Dashboard screen, you will be able to change the user’s
corner selection, reset the user completely, view that user’s account activity, or search for another user. If you reset a
user, they will need to re-register at login.
Once changes are completed, select Logout to exit User Administration.
14 of 25

User Guide
11/19/2008
APPENDIX A – GridBasic™ Password Position Options

The following are the supported GridBasic™ Password Position displays.
GridBasic™ Shared Corners
GridBasic™ Double Digit, Four Corners
15 of 25

User Guide
11/19/2008
GridBasic™ Double Digit, Right Position
GridBasic™ Double Digit, Center Position
16 of 25

User Guide
11/19/2008
APPENDIX B – MyGrid™ Samples

The following are a few samples of the MyGrid™ layout options that are provided. MyGrid™ is completely
customizable and flexible to meet your usability criteria. For foreign character display, MyGrid can display in any
language by switching your browser to that language. Appendix B captures two (Arabic and Greek) of the many that
are available.
QWERTY
17 of 25

User Guide
11/19/2008
Alpha – Landscaped (DEFAULT SETTING)
Alpha – Grouped
18 of 25

User Guide
11/19/2008
Alpha + NumPad
Alpha + Numpad 99
19 of 25

User Guide
11/19/2008
Alpha – Portrait
Arabic
20 of 25

User Guide
11/19/2008
Greek
21 of 25

User Guide
11/19/2008
APPENDIX C – Frequently Asked Questions

If I am a new user, how do I select my targeted corner?
If you are a new user, after you enter your user name at the login screen, you will be brought to the Register a
New User screen. Here you will be required to enter your domain password and select your targeted corner.
If my password changes, do I need to re-register?
No. GridGuard™ will recognize your password has changed and at the next login, you will be required to use
that password with the corner that you used with your old password.
How can I see what activity is occurring with my account (ie logins, changes to the corner or position
selection, etc)?
Within Manage GridPass™, you will see the history of the last 15 activities that have occurred with your
account. The Activity, date that it occurred as well as the IP Address where the activity initiated from will be
displayed.
What if I forget my corner selection, what do I need to do?
You can contact your Network Administrator who will be able to reset your account. This will require you to
reregister where you will define your targeted corner.
Can I change my corner selection? Is there a limitation to how many times I change it?
You are able to manage your corner or position selection via the Manage GridPass™ function. There are no
limitations to the number of times you change your targeted position and each time it is changed, it will be
logged in your Account Activity.
I changed MyGrid™ option, however when I logged back in, it was back to the default.
Your MyGrid™ selection will not be saved until you have successfully logged in. If you change your MyGrid™
layout and fail at login, when you try logging in again, it will be back at the default screen.
I want to see my layout in a foreign language, is this available?
Yes. You can select the grid under MyGrid™ or change your Browser encoding setting to the language of
choice. Your grid will be populated with the correct character display.
22 of 25

User Guide
11/19/2008
APPENDIX D – Terminology
2Form™ (3Form™, 4Form™…) Authentication
SyferLock Technology Corporation’s patent number 7,143,440 unique and proprietary methodology and means to
layer and/or add additional forms of authentication to a user’s traditional password, such as a GridPIN™, security
modifier(s), corner/position selection (Axiom of Choice concept), etc.
AutoToken™
The Grid Data Security solutions’ ability to user create and generate two factor or multi-factor authentication to be
used in conjunction with a GridPass™ providing “the something you have” with “the something you know”.
DecoyDigits™
A proprietary and protected (USPTO 7,143,440) methodology where arbitrary and/or mandatory use of EXTRA
digits or values can be injected into any position of a user’s GridCode™, thus making the attack scenario of
reverse engineering of a user’s GridPass™ much more problematic.
GridAdvanced™
A system configuration and deployment set-up that maximizes user end-point security, but requires increased
back-end or behind the firewall integration efforts such as a password synchronization agent, domain controller
configuration and the need to store user passwords in reversible encryption. GridAdvanced™ configuration offers
security against stored browser passwords, replay attacks, shoulder-surfing, key stroke loggers, and forces a
concerted attack and multiple observations to begin to reverse engineer a user’s GridCode™ and associated
GridPass™.
GridBasic™
System configuration and deployment that minimizes back-end or behind the firewall integration efforts (such as a
password synchronization agent, domain controller configuration) and the need to store user passwords in
reversible encryption. The GridBasic™ configuration, while still defeating stored browser passwords, replay
attacks, shoulder-surfing and keystroke loggers, does not confer the increased end point security benefits and
features as the GridAdvanced™ system (See GridAdvanced™).
GridCode™
The user’s input, code and/or one time password used to login through the Grid Data Security solutions and
products. The GridCode™ is the result created by the user’s GridPass as applied to the randomly generated
security grid generated upon call to login to a service or application.
GridCore™
SyferLock Technology’s proprietary C++ code and extendible libraries used to deliver random authentication grids
or login sessions data, supporting United States Patent and Trademark Office number 7,143,440 methodology.
Grid Data Security™ solutions

SyferLock Technology Corporation’s various products and product suites created using the corporation’s patented
(7,143,440) system and methodology where users transform static login information into a one time password
allowing for more secure account and application access by defeating many forms of static password attacks.
GridGov™
The use of various GridWare™ components to secure the specific needs, criteria and certifications necessary for
Federal, State, and/or Local government environments
23 of 25

User Guide
11/19/2008
GridGuard™
An SDK allowing proprietary and third party products and applications to offer and deliver one time password
enhanced authentication.
GridOne™
A web based authentication system offering users the protection of one time password generation and usage for
more secure login into online and web accounts.
GridPass™
The term used for the construction and/or formulization of a user’s traditional password characters PLUS the
addition of one or more functions provided by the various Grid Data Security solutions and products and as
protected by USPTO number 7,143,440.
GridPIN™
The SyferLock Technology Corporation’s system and methodology applied to traditional Personal Identification
Number(s) – PIN(s) – allowing a static PIN to be input and transmitted as a one time PIN. Similar to a GridPass™,
the user constructs the PIN from traditional elements and/or numbers, then applies one or more functions provided
by the various Grid Data Security solutions and products. Again, the use of a GridCode™ is used at login.
GridPro™
The use of various GridWare™ components to secure individual clients and their possible access to domains,
LANs and WANs.
GridSync™
A proprietary password synchronization agent that once installed on a domain controller(s) allows for the
GridWare™ applicable systems and/or database(s) to be updated with any user password changes and/or
creation.
GridWare™
Reference to the assemblage of the various Grid Data Security solution product components and/or
subcomponents which could include such items as the GridSync™ password filter, database(s), GridCore™
library, etc.
MyGrid™
The unique ability for system users to individually configure and select security grid User Interfaces customized
with individual preferences such as layout, colors, character sets, and skins
24 of 25

11/19/2008
User Guide
SyferLock Technology Corporation
Company & Contact Information
products of SyferLock Technology Corporation
250 Pequot Avenue

Southport, CT 06890 USA
Phone 203-292-6268
Fax 203-292-5440
Email info@SyferLock.com
www.SyferLock.com or www.GridDataSecurity.com
25 of 25
SyferLock Technology Corporation™ reserves the right to make changes to any portion of its products at any time, without any notification to any person or entity. Export authorization from
the U.S. Department of Commerce may be required prior to export of SyferLock Technology Corporation™ products and technologies.


SyferLock GridBasic User Guide 2 4 2 0

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

SyferLock GridBasic User Guide 2 4 2 0

Transféré par

Droits d'auteur :

Formats disponibles

GridBasic™ Security Authentication

User Guide 2.4.2.0

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

User Name Login Register a New User

GridGuard™ Login Manage GridPass™

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

User Name Login

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

Register a New User

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

Change Password Corner

Change Password Corner Selection

Corner Change Confirmation

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

Recent Account Activity

Recent Account Activity

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

Invalid User Error Message

Once changes are completed, select Logout to exit User Administration.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

APPENDIX A – GridBasic™ Password Position Options

GridBasic™ Shared Corners

GridBasic™ Double Digit, Four Corners

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

GridBasic™ Double Digit, Right Position

GridBasic™ Double Digit, Center Position

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

APPENDIX B – MyGrid™ Samples

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

Alpha – Landscaped (DEFAULT SETTING)

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

APPENDIX C – Frequently Asked Questions

If my password changes, do I need to re-register?

What if I forget my corner selection, what do I need to do?

I want to see my layout in a foreign language, is this available?

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

Grid Data Security™ solutions

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

products of SyferLock Technology Corporation

250 Pequot Avenue

©2003 –2008 SyferLock Technology Corporation™ All Rights Reserved.

Vous aimerez peut-être aussi