000015695 - 'Missing authenticator' error appears for users of Fixed Passcodes

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000015695
Applies ToRSA Authentication Manager 7.1.2
RSA Authentication Appliance 3.0+
IssueSuccessfully authenticate to Self-Service Console using a Fixed Passcode
Authentication Realtime Activity Monitor displays a "missing authenticator" message
User cannot log into Self-Service Console with fixed passcode (no token)
New PIN mode for a new user with fixed passcode unable to authenticate
CauseThe associated Token policy is not being respected for user's with fixed passcodes
ResolutionThis is a known issue for users with fixed passcodes in Authentication Manager 7.1 (and above).

The remedy for users with fixed passcodes :

1. If the system is set to allow users to define their own PINs after successful authentication, they must set the new PIN to be 1 character longer than the minimum length defined in the Token policy.
   e.g. If the token minimum policy defines the PIN length as minimum of '4', then the user must set their new PIN to be 5 characters or more.

2. Set the relevant Token Policy's PIN Creation Method to "Require system-generated PIN".
Legacy Article IDa50274