|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Manager
|Issue||How can users export a set of One Time Tokencodes from self-service Console for Authentication without contacting the Administrator while the token is forgotten to be carried to workplace or misplaced. |
User is within network perimeter and has forgotten to carry the token to workplace.
|Tasks||The administrator with the super admin role needs to setup the following on the Authentication Manager primary server:|
- From the Security Console, click Setup > Self-Service Settings.
- On the Settings page, under Customization, click Enable or Disable Self-Service Features.
- Select the following Enable and set display options.
- Click Save.
- In the Security Console, click Setup > Self-Service Settings.
- Click Manage Authenticators.
- In the Emergency Access Tokencode Settings section, select Allow user to place token in emergency access mode. And select Set of One Time Tokencode and the number of codes to be displayed.
- In the Emergency Access Tokencode Settings for Temporarily Unavailable Tokens section, do the following.
- Use the Emergency Access Tokencode Lifetime fields to enter the length of time you want emergency access Tokencodes to remain active. (Validity can be chosen based on the travel duration.
- Click Save
|Resolution||Users can login to the Self-Service Console using their password and export a set of One Time Tokencodes for Authentication.|
- Login to the Self-Service Console.
- Click on Troubleshoot.
- Select Token is temporarily unavailable or misplaced option and click OK.
- Click on Export to File to save the Codes in a .TXT file.
- To implement this solution the user needs to be within the network perimeter.
- This solution only works for RSA SecurID software and hardware tokens.
- You can use the Emergency Tokencode once.
- If a SecurID PIN exists: Log on with your PIN + Emergency Tokencode.
- If you do not have a SecurID PIN: use only the Emergency Tokencode displayed.