000025976 - How to configure the number of invalid PASSCODEs before entering Next Tokencode Mode for RSA SecurID Software Token

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025976
Applies ToRSA SecurID for Microsoft Windows
RSA ACE/Server RSA Authentication Manager
RSA SecurID Software Token for RSA SecurID Token for Windows Desktops, Smart phone and Blackberry
SoftID
IssueHow to configure the number of invalid PASSCODEs before entering Next Tokencode Mode for RSA SecurID Software Token
How to make software tokens behave like hardware tokens as far as Next Token Code
mimic the behavior of Hardware tokens with softid_multi
invalid PASSCODES
Users are entering next tokencode mode on a single transaction client or do not understand the next tokencode prompt
mimic the behavior of Hardware tokens
CauseBy default, RSA SecurID Software Tokens enter Next Tokencode Mode after a single failure
Resolution

Set an environment variable named "SOFTID_MULTI" that causes Software tokens to mimic the behavior of Hardware tokens.
NOTE: You must install RSA ACE/Server 3.3 patch 16 (or later) or RSA ACE/Server 4.1 patch 1 (or later) to use this variable.
UNIX ACE/Server:
1. Add the following to the ace/prog/aceserver script (the line just under #!/bin/sh)
    SOFTID_MULTI=1;export SOFTID_MULTI


Note: in some versions of AM6.1 and UNIX, you may need to manually set and export the variable, instead of modifying the script.


Stop and restart all RSA Services, a reboot is not needed on UNIX.  Verify the variable has been set by using env .


You can disable the feature by setting the Value to 0 and restarting the RSA Services.
Windows ACE/Server:
1. Select Start --> Settings --> Control Panel
2. Select System
3. Select the Advanced tab then click on Environment Variables


4. Add the following variable and value to the System Variables.
NOTE: This variable must be a SYSTEM variable, NOT a user variable.
    Variable:  SOFTID_MULTI
    Value: 1


5. Stop all RSA Services and reboot the system 


Note: You can disable the feature by setting the Value to 0. Reboot the Windows ACE/Server for this change to take effect.


If you have any Replica servers, this procedure must be repeated on each Replica.
 

Software token by default goes into next tokencode after one failed attempt. This environmental variable will allow the software token to go into next token code only after three failed attempts (or the number set for the type of agent).

Legacy Article ID6.0.1419430.2754086

Attachments

    Outcomes