About the new sign-in process for the Desktop Client

In a nutshell

  • If you use the latest Desktop Client(version 15.2.6 or later) or you already use the client in SSO mode, you have nothing to do. To check the current version of your Operator client, go to Help > About.
    Important: We highly recommend that you upgrade to the latest Operator client version by January 27, 2020. See How to update your Desktop Client.
  • If you want to use your older client version, which supports Single Sign-On (available from version 7.4), then follow the instructions in How to start the Desktop Client in SSO mode.
    Note: You must set up SSO mode on every Desktop Client.
  • If you use a Desktop Client version prior to 7.4, you must upgrade to the latest client version. Contact your Customer Success Manager for help.

Overview of the new sign-in process

LogMeIn migrates all customers to use a unique email address to sign in to all LogMeIn products, including all versions of Digital DX. This change modernizes our sign in process and simplifies it for users: you no longer have a separate username and email address. Having a common identity across LogMeIn products makes it easier for you to use our suite of solutions.

With the coming of the new sign-in process, Desktop Client users may have to verify their email address and their password policy will also change. Operators and admins will have the following experience when they sign in:

If you also have access to multiple accounts, you will have to select that after signing in to the Desktop Client. Operators and admins will see the following window when they select a Digital DX account to work with:

Important: By January 31, 2020 your IT team must allowlist these URLs to allow access to http://authentication.logmeininc.com and auth.bold360.com. For more information, see Allowlisting and Digital DX.

How does your current password policy change?

You will no longer have the option to customize your organization's password policy. If you still want to enforce a password policy, as an admin, you must enable it for your account and then each user must agree to the policy before signing in to the Desktop Client.

Starting March 16, 2020, accounts who previously enforced password policies will adopt the following configuration:

  • Users must change passwords every 90 days
  • Users cannot reuse their last five passwords

Users will be locked after three unsuccessful sign-in attempts for five minutes. After 25 unsuccessful attempts, users will be "hard locked" and will be able to unlock their accounts only by resetting their passwords. As additional protection, LogMeIn uses risk-based authentication to protect against sophisticated password attacks.

Your existing password policy that you can set on the Setup > Login Control Settings page in the Desktop Client will change to default in the following cases:

  • You have selected Apply password policy to all users on the Future Login Setup page
  • You have enabled Disallow reusing password for X generations on the Setup > Login Control Settings page
  • You have enabled Force change of password every X days on the Setup > Login Control Settings page

Who should verify their email address?

From March 16, 2020, Digital DX users may have to provide their email address and go through a short email verification process when signing in for the first time. An administrator can save time for users by setting up user email addresses, in which case users can skip the email verification. After setting up user emails, select the Force email that I set up for my users option on the Setup > Future Login Setup page in the Desktop Client.

After setting up an email address, users can sign in with their email address.

Note: You may have the option to postpone switching to your email address to sign in by clicking the I'll do this later link. To support operators and their administrators during this busy time, you can do so by May 31, 2020.

To set up user emails with the API, see How to set up user emails with the API?

Where to make changes in the Desktop Client

You can make email and password policy-related changes on the Setup > Future Login Setup page in the Desktop Client:

Force email that I set up for my users
After an admin sets up unique email addresses for all Digital DX users, select this option to force using those pre-defined emails to sign in. Users will not have to verify their emails.
Password policy changes
Select this option to apply LogMeIn's common password policy on all Digital DX users starting March 16, 2020. This means forcing users to change their passwords every 90 days and not reusing their last five passwords.