Article Content
Article Number | 000025852 |
Applies To | SAE version 2.3 Event-based Flex Token |
Issue | What are the token windows used for Event-based tokens? SAE version 2.3 now support event-based tokens in addition to the traditional time-based SecurID tokens. The acceptable range of event-based tokencodes is variable. |
Resolution | The "window" or range of valid authentication codes varies depending on the state of the token and values in the token's seed record. For example seed records often contain the following windowing parameters:
Small Window: 3 Medium Window: 7 Large Window: 100 Max Counter: 50000
SAE authenticates codes found inside the ?Accept Window? and rejects values outside the ?Reject Window?. Codes that fall between the accept and reject windows (where accept != reject) causes next tokencode mode.
State Accept Window Reject Window -------- ---------------------- --------------------- 1st login Large-1 Large-1 Normal small medium Waiting for PIN small medium Next Tokencode Mode 2 2 Resynch (1st) max counter max counter Resynch (2nd) 2 2 |
Legacy Article ID | a35281 |