You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 28 Next »

Get an account


Everyone involved in the coordinated vulnerability disclosure process will want a VINCE account. Obtaining a VINCE account is easy!  Visit our web page and get started.

Creating an account


  1. Navigate to our VINCE page
  2. Click on "Create an Account"
  3. Complete the VINCE form
  4. Watch for an email response granting your access.


Completing the VINCE form

  1. Enter a valid email address which you can access.
  2. Create a New Password with these requirements:
    1. minimum length is 8 characters
    2. Requires at least 1 number
    3. Requires at least 1 special character ("+" and "=" don't count)
    4. Requires uppercase letters
    5. Requires lowercase letters
  3. Password confirmation
  4. Preferred Display Name
    Note: this name is visible to other VINCE users. It may only contain 1 space and may not contain special characters.
  5. First name
  6. Last name
  7. Company/Affiliation
  8. Job Title
  9. Click the box to agree to the terms of service.
  10. Click on Sign up

Complete VINCE form to obtain an account.

Verify your account

When signing up for a VINCE account the user needs to provide a valid email address to receive the confirmation code to verify your account.

Once you receive the access code please

Email containing confirmation code

  1. Enter the code into the form
  2. Click submit.

    Enter the confirmation code and submit the form.



Account approval

Once you have submitted the confirmation code, your VINCE account needs to be approved.

  1. VINCE coordinator reviews your account for approval.
  2. Upon approval,
    1. You will receive an email indicating your account has been approved and you are directed to kb.cert.org/vince to log on.
      VINCE approval email

    2. If you have your browser open and the approval came quickly, you may also have a popup box indicating you can not login.

    VINCE approval popup


Login first time - Multi-Factor Authentication Required

First-time login

VINCE currently offers a choice

  1. Time-based one-time (TOTP) passwords as second factor authentication. To use TOTP, you need access to an app such as Google Authenticator, Duo, or LastPass Authenticator.
  2. Short Message Service (SMS) text messages

Select the multi-factor authentication method


TOTP

  1. Select TOTP
  2. The system generates an image that is scanned into your device, running an application ... and displays the scan code on your screen
  3. Scan the code into your authentication application.  This action should generate a code.
  4. Enter that temporary password (or code).
  5. (Optional) Name that device, software or application, so you may easily access the correct code generator.

    TOTP code to link your authorization application.

  6. You will have two forms of confirmation your account has successfully enabled TOTP Multi-factor authentication on your account.
    1. Web page indicating success and displaying your User Profile


    2. An email message






SMS

  1. Select SMS
  2. Enter the phone number you will use to receive text messages containing an authorization code.
    1. Use the International format as follows: + (country code) phone number
    2. If you have a United States number, please use +1 NPA-XXX-XXXX
       (NPA: Numbering plan Area a.k.a. area code)
  3. Verify your account by entering the authorization code contained in the text message.











  • 2FA required
  • Recover/reset account
  • Want to be anonymous? See FAQ, can report without creating account.


--- if not Will; maybe a separate page? ---

  • For vendors
  • Creating a vendor
  • Add user to vendor
  • Vendor administrator 



  • No labels