|Applies To||Keon Web PassPort 1.1.1|
|Issue||Authentication methods for accessing credentials stored in a Keon Web PassPort Virtual Card|
|Resolution||There are two separate constructs within Keon Web PassPort that require authentication:|
1. Accessing a resource that is protected by the Keon Web PassPort server requires authentication. You can configure authentication to require a password or a SecurID token.
2. You can also configure Keon Web PassPort to automatically download your RSA Keon Virtual Card from the server when you authenticate. These settings are configured using the Microsoft Internet Information Services (IIS) MMC.
You can also configure your RSA Keon Virtual Card to be protected by either a password or a SecurID token. This is accomplished when creating the virtual card using the mkkeonvc.exe utility. Using the -s (for strong authentication) parameter sets it so only securID can used to unlock the RSA Keon Virtual Card.
NOTE: These are distinct functions; while they may be combined, they should not be confused. Setting a Keon Web PassPort resource to be protected by SecurID does not prevent a user from accessing the RSA Keon Virtual Card using a password. If you wish to secure the RSA Keon Virtual Card with SecurID, you must configure the virtual cards for strong authentication.
NOTE: When unlocking a timed out or logged out RSA Keon Virtual Card you will be prompted to authenticate using the method appropriate for the card
|Legacy Article ID||a16344|