Adding or Editing Credentials
Credentials are necessary for Sentinel to have the ability to scan sites that require users to log in for access. WhiteHat Security recommends that at least two sets of credentials be entered for each such site, with the second set being used should the first set fail. These should not be the credentials of any existing user.
To enter or edit credentials, go to the Site Details page from the Assets tab and select the Scan or the Services subtab. Under the Scan subtab, you can enter or edit scanning credentials; under the Services subtab you can add or edit credentials to be used in a Business Logic Assessment.

Adding Scanning Credentials
Choose the "Scan" subtab and you will see the information for this site’s scans.

If you need to add credentials, you will see an "Add" link.

Click on that link to see the Add Credentials popup.

You must enter a name for the credential and information for at least a primary login; we strongly recommend including a backup login as well. This information includes:
-
Username
-
Password
-
Login (Entrance) URL
-
Destination URL
-
Any notes about this set of credentials
When you have entered all information, click on "Save" to save this set of credentials.
Editing Scanning Credentials
To edit existing credentials, click the arrow next to the credentials you want to edit and you will see the "Edit" link.

Click the "Edit" link to enable editing.

Adding BLA Credentials
Choose the "Services" subtab and you will see the information for this site’s Business Logic Assessment(s).

Click on "Add Credential" to add site credentials. Sentinel will accept primary and backup Business Logic credentials.

You must enter a name for the credential and information for at least a primary login; we strongly recommend including a backup login as well. This information includes:
-
Username
-
Password
-
Login (Entrance) URL
-
Destination URL
-
Any notes about this set of credentials
When you have entered all information, click on "Save" to save this set of credentials.
For information about using SMS-based two-factor authentication for your assessments, please see SMS-Based Two-Factor Authentication.