Using tokens for POP3/SMTP Authentication

Top  Previous  Next

Note: available in Ritlabs The Bat! Professional only


In Account Properties, select the Transport tab and click the Authentication button in the Send Mail or Receive Mail group box. If the hardware security token driver and the API have been properly installed on your computer, you will see a selectable checkbox for the security token: Token MD-5 CRAM-HMAC Challenge/Response in the Mail Retrieval (POP3) Authentication configuration window or a Store password on token option in the Mail Transmission (SMTP) Authentication configuration window.


Once the security token checkbox has been ticked, the Authentication configuration window will change its content to display two new group boxes:


The "Token to Use" group box displays the serial number and friendly name of the token selected to perform POP3 or SMTP authentication for that account. The serial number of the selected token is stored in the account configuration file. The Bat! won't perform authentication with that account using a token with a different serial number unless you click the "Browse" button and select another token. In order to display the friendly name, The Bat! requires that the token with a given serial number is inserted and available (i.e. it is not in use by another application), because the friendly name is retrieved directly from the token. If the friendly name can't be displayed (e.g. the token with a selected serial number wasn't plugged in or it was unavailable), you can try to resolve the problem (e.g. plug in the token with the valid serial number) and press the "Refresh" button to retry the attempt to display the friendly name.


The "Token Password" group box offers three buttons to Set, Change or Remove a password that is stored on the token. Once set, the password can only be used for authentication with that account, but it cannot be retrieved. However, the password can be changed (replaced by another password when, for instance,  the server administrator has assigned a new password for your account) or removed (if you no longer wish to use this token for authentication with that account).