When the user launches the client, they are prompted for a username and password. This can be authenticated against an OpenLDAP / Active Directory server. The username and password can alternately be locally authenticated in the application and stored in the event server’s database. If this method is chosen, the password is stored in encrypted form. Transmission of password information does not occur in clear text.
While the device id is transmitted, it is not used for authentication purposes. The device id is used to distinguish devices when the user is concurrently logged in.