What is the AuthNull Authenticator / Wallet App?
AuthNull’s Authenticator/wallet is an app that you install on your phone. You may see different names (authenticator, wallet, wallet app, decentralized wallet) used throughout AuthNull’s website and help section; they all mean the same thing. The mix of names is due to the multiple use cases this app provides.
What does the authenticator app do?
The authenticator app:
- enables MFA with identity verification
- enables storage of credentials such as passwords, SSH keys and other credentials in a decentralized manner
Credential storage on the wallet is fully decentralized
What this means is that credentials
How does the decentralized wallet work?
Installing the app
Once your account has been registered with AuthNull’s directory, you should get an invite email with the wallet key. This email enables you to sign up for an account in your organization’s tenant.
Once you have installed the app, you register with your email ID and the key that was sent to that email ID.
How does it work?
The app stores your public/private key pair using Ed25519 signing. With the private key, all your credentials (passwords, SSH keys, passwordless credentials, and your identity credentials) are encrypted and stored. The key is used to sign the credentials when authentication takes place on any infrastructure you have access to.
Remember: when you set up the wallet, you typically assign your identity (biometrics) to that wallet key.
Subsequently, all authentication will require verification of identity before you proceed.
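The signing step described above can be pictured as a challenge-response check. This is an added example, not AuthNull's code or wire format: the Presentation layout, the function names, the 16-byte nonce and the sample credential are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Presentation is what the wallet returns after "share" (hypothetical layout).
type Presentation struct{ Credential, Nonce, Signature []byte }

// RandomBytes returns n bytes from the OS CSPRNG (used for seeds and nonces).
func RandomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// NewWalletKey creates the Ed25519 key pair held by the wallet app.
func NewWalletKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(RandomBytes(ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

// signedBytes length-prefixes the nonce so its boundary with the credential is fixed.
func signedBytes(nonce, cred []byte) []byte {
	return append(append([]byte{byte(len(nonce))}, nonce...), cred...)
}

// Present runs on the phone; the private key never leaves the wallet.
func Present(priv ed25519.PrivateKey, cred, nonce []byte) Presentation {
	return Presentation{cred, nonce, ed25519.Sign(priv, signedBytes(nonce, cred))}
}

// Verify runs on the infrastructure side and needs only the enrolled public key.
func Verify(pub ed25519.PublicKey, expected []byte, p Presentation) bool {
	return bytes.Equal(expected, p.Nonce) &&
		ed25519.Verify(pub, signedBytes(p.Nonce, p.Credential), p.Signature)
}

func main() {
	pub, priv := NewWalletKey()
	n1 := RandomBytes(16) // verifier's challenge for this login attempt
	p := Present(priv, []byte(`{"user":"alice"}`), n1) // constructed sample credential
	fmt.Println("fresh:", Verify(pub, n1, p), "replayed:", Verify(pub, RandomBytes(16), p))
}
```

A captured presentation fails on the next login because the verifier compares the signed nonce with the one it issued for the current attempt, and changing the nonce field invalidates the signature.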
Installation Instructions
Who are wallets assigned to, and how?
As an admin, when you onboard a directory user, they are automatically assigned a wallet with a DID and an Active Directory Credential along with their wallet key.
Types of Credentials in the wallet
- Active Directory User Credentials
- Active Directory Passwords / SSH Keys
- Endpoint User Credential
- Password / SSH as a Credential
- Identity based credential
Getting the credentials
For Active Directory users:
Your default AD account credential is created and sent automatically.
For shared accounts, admins have options in the admin console to send a credential by right-clicking on a shared AD account and selecting “send credential”.
For local account credentials (shared local privileged accounts):
- Go to the ‘Endpoint Users’ section in Privileged access management.
- Click on an endpoint user to assign it to the wallet from actions.
Note: if multiple endpoint users are to be assigned to the wallet, select them and a button will appear at the top for wallet assignment. Select the wallet users from the list of wallets in the modal and click the ‘assign wallet’ button to assign the verifiable credential of the endpoint user(s) to the wallet.
Authenticating while logging into infrastructure
While logging into any infrastructure - you will receive a ping notification. Simply press “share” to log in.
Retrieving passwords
To retrieve the newest password, go to the specific endpoint / endpoint user credential and press “copy”.
The password is now in your clipboard, which you can use to type into any server requiring it.