Skip to main content

Authentication

Lenovo XClarity One requires two-factor authentication using your user credentials and a one-time passcode from an authenticator application. You can configure the authentication methods to use to sign in to the XClarity One portal by clicking Account Settings in the user-account drop-down menu in the upper-right corner.

Note
If five consecutive sign-in attempts fail within a 15-minute period or if consecutive sign-in attempts occur too quickly (within 1 second), your user account is locked for 60 minutes.

User credentials

Your username is your email address.

It is recommended that you use strong passwords of 16 or more characters. By default, passwords must have 8256 characters, including one or more uppercase and lowercase alphabetic characters, numbers, and special characters. Consider the following recommendations when creating passwords.
  • Do not use known passwords obtained from earlier breaches, leaks, or hacks.
  • Do not use dictionary words.
  • Do not use context-specific words, such as the name of a service, an email address, or derivatives thereof.
  • Do not use more than two repetitive or sequential characters (for example, aaa or 123abc).
  • Do not reuse any of the last five passwords.
Note
Passwords must be changed at least every 365 days. You can change your password by clicking Account Settings from the user-account drop-down menu in the upper-right corner, and then clicking Account security > Signing in.

One-time passcode (OTP)

You must setup an authenticator application on a device and connect to XClarity One to obtain the one-time passcode (OTP) that is required each time you sign in. The following authenticator applications are supported.

  • FreeOTP

  • Google Authenticator

  • Microsoft Authenticator

If you have authenticator applications set up on multiple devices, you can provide a custom name for each device. During sign in, you can choose which device to use for the one-time passcode.

If you no longer have an active user session and you lose the authenticator application or the authenticator token in the application, contact the user administrator for your organization. User administrators can reset the multi-factor authenticator to remove all authenticator applications for another user in the same organization. After your multi-factor authenticator is reset, you must setup a new authenticator application the next time you log in.

If you have an active user session and can access your account settings, you can set up a new authentication application by clicking Account Settings from the user-account drop-down menu in the upper-right corner, and then clicking Account security > Signing in.

User sessions

Each user can have up to three user sessions.

A user session expires after 2 hours of active use or after 30 minutes of idle time. When a user session expires, you are signed out automatically and must sign in again to continue your work.

You can view a list of active user session and sign out of any unfamiliar sessions. Click Account Settings from the user-account drop-down menu in the upper-right corner, and then click Account security > Active user sessions.

Note
  • If your web browser is set up to use a popup blocker, configure the popup blocker to allow the XC1.lenovo.com website.
  • Ensure that you are using one of the following supported web browsers.
    • Chrome 120 or later
    • Firefox ESR 115.6 or later
    • Microsoft Edge 123 or later
    • Safari 17.2 or later