Security

Two Factor Authentication

Two-factor authentication involves requiring multiple items for successful authentication.  Knowing your account username and password along with acquiring a one-time passcode to successfully logon.  AppLife Cloud offers three different forms of two factor authentication.

Email Two Factor Authentication

With this option, a one-time passcode will be sent to you through the account’s registered email. 

 

Google Authenticator

Google Authenticator is a mobile app available for Apple and Android mobile devices.  When enabling two factor authentication, a secret is shared with Google Authenticator that allows the app to provide rolling passcodes that are used as part of the AppLife Cloud authentication process.  This method requires that you have Google Authenticator during the authentication process.  Is method is more secure than Email authentication.

 

YubiKeys

YubiKeys are USB-based hardware keys that provide one-time passcodes for authentication.  When you register your Yubikey with AppLife Cloud, you must have this hardware key present to successfully authenticate.  This is the most secure form of two-factor authentication available on AppLife Cloud.

 

Enabling Two Factor Authentication

To enable two factor authentication:

1.  Login to AppLife Cloud

2.  Open the Profile Page

3.  Check the option to enable two-factor authentication

 

4.  Select the style of two factor authentication.

5.  Click the Update button to save changes

 

Once enabled, a second value will be required to successfully authenticate. 

 

It is highly recommended that two factor authentication be enabled on all accounts.

 

Publisher IP Filtering

Enabling IP Filtering for publishers of AppLife Packages limits publishing to clients that have an IP Address in the configured list of accepted addresses.

The IP Filtering list is subscription based and affects all applications for the configured subscription.  If your publishing operations originate from systems with static IP Addresses, it is highly recommended to enable Publishing IP Address Filtering.

 

Enabling Publishing IP Filtering

 

1.  Log into AppLife Cloud

2.  Navigate to the Subscription Page



3.  Navigate to Subscription Properties




4.  Check the Enable Publishing IP Filter option



When enabling, the current IP Address is automatically added to the list.  More IP Addresses can be added by entering into the Filter/Add box and then clicking the Add button.

Note: Once enabled, any changes to the list or disabling the list can only be performed by a client with an IP Address in the list.

 

Key Pair Master Password

AppLife Update produces a signature of your update package using a private key during the update build process.

On your deployed clients after downloading, your update packages are validated with this signature and the public key component of your key pair, thus ensuring the package is authentic before applying the update. With the changes in AppLife Cloud, application private keys are now transmitted and stored in AppLife Cloud.  We take every precaution in storing these keys and protecting your AppLife Cloud account.  Two-factor authentication and IP Publishing filters are additional features implemented to protect your deployed applications.

To protect your applications further, we have also provided a local option to encrypt your application private-public key pair with a master passcode before they are transmitted to the cloud.  Your passcode is never stored locally or remotely, unless selected to remember locally.  Using this option, your application key pair is never transmitted in a usable format, and your local passcode is required to create an update package that your application will validate and apply.

 

Caution:  Master passcodes are not recoverable.  If your passcode is lost or forgotten, you will not be able to create an update that your deployed applications will apply.

 

Passcodes are application specific.  To enable a master passcode on your application:

 

1. Open the Project Settings dialog using AppLife Builder.



2.  Navigate to the Security tab.

 

3. Check to enable a KeyPair Master Password

 

 

Once enabled, the password is necessary to open the application in AppLife Builder.

 

 

When remember on this computer is selected, the value will be automatically filled, thus supporting using complex passcodes without the need to enter every time.