The following is a list of frequently asked questions about i2Pass. If you have a question that is not covered here, ask us via email and we'll answer your question.
Yes. After the IBM i OS upgrade is complete and all IBM PTFs have been installed but before you put your system back into productive use, you must run the following command:
GRTOBJAUT OBJ(QSYS/ASSIST) OBJTYPE(*MENU) USER(I2PASSUSR) AUT(*EXCLUDE)
This is needed to avoid users bypassing the 2FA validation process during a normal signon. See the i2Pass User's Guide under the section titled "IBM i Security Loophole" for more information.
Yes, this is possible. To correct for this situation, we ship alternate signon screens for the system that remove the "Program/procedure" line from the signon screen. We also include step-by-step instructions on how to install the alternate signon screen objects and test them.
Since version 3.03 you can sent native SMS messages though the built-in connection with our SMS utility, kConnect. Alternatively, you can also send codes using your cell carriers email-to-text feature. This can require extensive configuration and troubleshooting of SMTP and DNS services. More information about SMS Integration is available here.
Your can enroll user profiles one at a time if you want to, but i2Pass also includes a batch enrollment utility that will let you enroll all active users or GENERIC* user profiles. We don't recommend that you do this while the software is installed on trial, but once you commit to i2Pass, it will simplify your activation process.
When you register a user profile in i2Pass, the initial program information is saved. When the two factor authentication process has been completed successfully, then your initial program will still be called.