Update: ANGEL Secure Logon

February 26, 2010 at 10:22 am Leave a comment

Audience: All ANGEL users

UPDATE: ANGEL users using Internet Explorer may have experienced problems with the secure logon nugget, starting from 6pm Thursday night. A fix was applied at 8am Friday morning.

What: We’re phasing in a secure logon technology for ANGEL. It’s currently appearing on the ANGEL logon page as an additional control. Our plan is to evaluate it for a few days, and after a successful trial, remove the standard logon control. During this evaluation period both logon controls will appear on the ANGEL logon page.

This information is available from the More Info link on the control:

Secure logon protects your ANGEL username and password from interception while logging in,
even if you are using an unsecured Wi-Fi network, such as is commonly available at coffee shops. To accomplish this, your account is first transmitted via a secure (SSL) connection and a one-time login token value is returned. Finally, this token is sent directly to ANGEL and you are logged in. All of this occurs without sending your account in clear text over the Internet.
Note that the ANGEL logon page itself is not SSL-secured; only the logon transaction uses SSL and so you will not see the secure site indicator in your browser, nor will this secure logon change any other feature in ANGEL.