Skip to main content
Skip table of contents

Release Note EN - Authenticator 6.12 Desktop - Selfcare, Audit and rebranding

This version of your inWebo Authenticator 6 application is adding new features as well as cosmetic enhancements. We added Selfcare features (device management and account management) so users will be more autonomous and will require less support. This means that your users will no longer need to access the portal.

We also added an Audit feature, so users can see their latest activity. And finally we modified the app icon and a few minor graphical elements following the recent rebranding of inWebo.

Finally, we added a confirmation message after a push notification in order to make the user scenario more clear.

You will find below more details about the new features and how to make them available to your users.


What’s new?


In the current Authenticator, a user can activate a new device in the Device menu. Selfcare adds to this feature the list of devices and the ability to lock/unlock, rename and delete. Also, in the “My Account” menu, the user can customize the anti-phishing phrase and the ‘returning’ email used to retrieve access to his account. All these features were previously only available in the portal.

Note: the Selfcare feature will be enabled by default in the service parameters upon the update, but of course you can disable it.

My Devices menu:

My Account menu:

Two new features are available:

  • Antiphishing: the user can define a personal and secret sentence to be displayed in Helium or Virtual Authenticator whenever a personal code is requested. This helps the user verify that he is connected to a legitimate inWebo server.

  • Account recovery: Users can now provide an email to receive an unlock or reactivation code in case of a loss or lock of his trusted devices.


If you activate the Audit feature, users will see a new “Audit” entry in the menu. After entering their pin code, they will have access to the logs of the latest personal activity such as connections, generation of OTP, etc. This information can be useful when discussing with the internal helpdesk.

Note: the Audit feature will be disabled by default.

Message after Authentication

After a push authentication, a message is displayed to the user in order to make it clear that the authentication is sent to the requestor application. In the previous versions of Authenticator, the user was redirected to the Authenticator home, which could create some confusion.


The rebranding will impact the application icon, the embedded inWebo logo and a few color items. These changes will have no functional impact.

Before/after - application icon:

Before/after - logo

Before/after - color

Who is impacted? What is the impact?

Only the standard Authenticator 6 is impacted by the update. If inWebo supplies a specific version of Authenticator, please contact inWebo for more information.


Behavior and recommendation

Authenticator 6 mobile or desktop

Selfcare “ON” by default. Users will still be able to activate a new device. In addition they will be able to manage their devices and define their account parameters.

Selfcare “OFF”: users will not have access to the “My Device” menu.
Caution: both users and administrators will not be able to activate a new device, in case their browser token gets locked. Please note that admins are required to use a browser token to access the admin console.

Audit Off by default. No impact on users. You control the activation.

Authenticator 6 mobile or desktop - specific case of a service configured ‘without pin’

Selfcare “ON” by default

  • Users will not see the menu, as they do not have a pin code defined. Before they were able to access “My Devices”, but were not able to activate a new device as the pin code was requested.

  • Administrators will have access to the menu as they have defined a pin code for accessing the administration console.

Audit “OFF” by default. No impact on users. If you activate it, same behavior as the Selfcare.

Specific version of Authenticator

No impact.
Contact inWebo if you wish to benefit from the new features.

How to activate the Selfcare and the Audit?

The activation parameters for both the Selfcare and the Audit are available in the admin console, in the Authenticator section of your service parameters.

Known Issues

  • In My Account, account recovery, the placeholder should be ‘Email address’, not ‘Email adress’

  • When entering a wrong email in account recovery, the message displayed on top ‘invalid json’ should be more explicit

  • When receiving a push notification, it is possible to be notified several times by the Windows notification center. This has no consequence for the processing of the received push notification by Authenticator.

French version

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.