In order to access our software, all users are required to use two factor authentication in order to keep both the user account and the server environment as secure as possible. This article will detail the process of setting up a Two Factor Authentication (2FA) device. Should you use a digital key or Yubi key they must be provided by Carvin Software, if you’re needing a device please reach out to support.

This article will break down how to set them up for the first time, as well as how the 2FA methods operate when logging in.

Since all three options function as a two factor authentication, companies are free to select the option that best suits their needs. Both keys are about the size of a typical USB stick and are user specific, meaning that each user requires their own and they cannot be shared. The third option using a 2FA app that would uses the cell phone of the user and displays a pass-code.

Open

Digital Key

The “Digital” key doesn’t plug into a computer and instead has a display and button. When pressed it will display a random number that the user then types into the prompt on the computer.

Open

Yubi Key

The "Yubi" token is a USB stick that must be plugged into the computer. Once prompted, the user will touch the golden "Y" on the stick and the code is automatically entered in.

The “3rd Party” option will be a 2FA app of your choosing. Different from Duo “Push”, you’ll use an app that is synced to your account and will display a pass-code on your phone that you’ll manually enter when logging in.

Once you receive the Digital keys in the mail, you’ll call support who will simply need to know the serial number on the back of the key and the user it should be tied to. After a few minutes the key will be tied to the user and is ready for use.

After logging into the server via the standard RDP icon, you’ll be taken to the below screen where you’ll need to enter in the code. Simply press the power button on the digital token to display the current code, enter in the 6 digit code in the “One-Time Passcode” box, and once you press enter the server will load.

Once Carvin Software has sent you the Yubi key, you’ll navigate to https://enrollment.carvinsoftware.com and sign in using your first login (RDP) username and password. Take note that the username is only your Firstname.Lastname and doesn’t use “@CarvinSoftware.com”.

Once logged in, you’ll then select “Add Yubi Key”, and insert the token into a USB port on your computer. You’ll then click to put your cursor inside the “YubiKey Passcode” box, and then lightly press the gold button on the Yubi key and it will fill out the code on the screen, and you’ll click “Add”.

You’ll then lightly press the gold button on the Yubi key and it will then fill out the code on the screen and you’ll then confirm. If done correctly the page will refresh and you’ll see a confirmation at the top of the screen that the YubiKey was added.

When logging in with your YubiKey you’ll enter your credentials as usual, and when prompted you’ll tap the golden Y on the Yubikey which will auto fill the code, simply submit and you’ll be logged in.

If you’d prefer to use a separate authentication service other than Duo PUSH or one of the above tokens, you can use a 3rd party 2FA as well, such as Duo Mobile, Google Authenticator, Microsoft Authenticator, and more. Below are steps on how to set up a service, however as these are separate from our offered services we can only show the general setup process and likely wont be able to assist with troubleshooting. The below steps will walk you through how to set up using the 3rd party app Duo Mobile. Keep in mind that instead of the standard “Duo PUSH” that was originally used by most users, this will be a different setup process and method of authentication that we do NOT manage.

You’ll first need to make Carvin Software aware that you intend to use a third party authentication service, then you’ll navigate to https://enrollment.carvinsoftware.com and sign in using your first login (RDP) username and password. Take note that the username is only your Firstname.Lastname and doesn’t use “@CarvinSoftware.com”. Once logged in you’ll click “Add OATH Token, and on the next step verify the “Online” option is selected and click “Add”.

The next screen will display a QR code for you to scan using your 3rd party app. Within your app you’ll likely have an “Add” option, and you’ll select the option to add by scanning a QR code. Once you scan the code using your 4rd party app, it should then display the pass-code which you’ll then type into the “Confirm OATH token value” box and click “Add”. If done correctly, you’ll then see the confirmation message that it was added successfully.

When logging in using the above method, you’ll simply enter the pass-code that your 3rd party app is displaying and login as usual.