Tokenized Encrypted Passwords

Tokenized Encrypted Passwords allow non-admin users to log into systems and use Maxon products available to the owner of a Maxon Teams License without needing to use an administrator account or the Maxon App program.

How do I create a Tokenized Encrypted Password?

Tokenized Encrypted Passwords are created by a system administrator using a built-in Maxon Tool accessed by way of a command-line interface (CLI). 

Follow the steps below for an in-depth guide:

1. Be logged in as an administrator
2. Run a CLI and create a password token
   • Mac:
     1. Launch a Terminal window
     2. Head to the Maxon App tools folder: cd /Library/Application\ Support/Maxon/Tools/
     3. Create a token using: ./mx1 user login -u '[username]' -p '[password]' --store 
        • Ensure both the [username] and [password] entries are enclosed in single quotes 
        • Example: ./mx1 user login -u 'skinner@sfieldelementary.edu' -p 'St3am3dh4ms!' --store 
        • You can obscure password entry by omitting -p [password] from the command. You'll then need to enter the password immediately afterwards, which will not be displayed.
   • Windows:
     1. Launch a Command Prompt using Run as administrator
     2. Head to the Maxon App tools folder: cd C:\Program Files\Maxon\Tools\
     3. Create a token using: mx1 user login -u "[username]" -p "[password]" --store 
        • Ensure both the [username] and [password] entries are enclosed in double quotes
        • Example: mx1 user login -u "chalmers@bsu_alumni.edu" -p "4ura8or3alis?" --store
        • You can obscure password entry by omitting -p [password] from the command. You'll then need to enter the password immediately afterwards, which will not be displayed.
        • Tokenized login is saved as a hash and the credentials are not human-readable.
3. If successful, the Successfully logged in message will appear.
   • If you receive a login failure message, review your email and password entries from the previous step for errors.

Once complete, you can:

• View a token by re-entering its token-creation command, then suffixing it with a -v flag.
• Confirm a user is logged in by using the mx1 user info command.

After logging out out of your administrator account, a non-admin account can now log into the machine. The license token is stored and use of the products are available without needing to use the Maxon App GUI.

The option to logout via the Maxon App GUI is removed until the token has been removed.

How do I remove a Tokenized Encrypted Password?

Logging out of a Maxon Account on a machine will remove the hashed token.

Administrators can log out of a Maxon Account using the mx1 tool with the mx1 user logout command

Users will not have an option to log out of a Maxon Account using the Maxon App when a token is present on a machine.

How do I restrict access to the Maxon App for non-admin users?

There are two options for disallowing use of the Maxon App to non-admin users:

• Option 1: Move the Maxon App GUI executable to the Desktop of the admin account, allowing only the admin access to use it and its features (e.g. assigning or releasing licenses, installing or uninstalling programs, etc.). It also allows the admin to create Maxon App Error Logs, which is useful for troubleshooting any licensing issues.

  The Maxon App GUI executable is located at

  • /Applications/Maxon.app
  • C:\Program Files\Maxon\App Manager\Maxon.exe
• Option 2: Install a headless version of the Red Giant Service that includes all essential items for use but without using a GUI, leaving all Maxon App features restricted to admins via CLI (e.g. assigning or releasing licenses, installing or uninstalling programs, etc.). 
  
  Instructions for installing a headless version of the Red Giant Service are found here.