23073 - AUTH_FAILED_BAD_PIN_PREVIOUS_TOKENCODE

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

Message: Bad PIN ; but previous tokencode detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source

Description:Authentication attempted

Problem: This error occurred due to any of the following circumstances:

  • The user forgot his or her PIN or is using a PIN that is correct for a different token.

  • Replication has failed, and the user’s PIN is not updated in the replica instance.

  • An unauthorized person possesses the token and is guessing PINs.

Resolve 23073 - AUTH_FAILED_BAD_PIN_PREVIOUS_TOKENCODE

Procedure 

  1. Check the replication status. See Check Replication Status.

  2. If the replication status does not display an error, confirm that the serial number on the back of the token matches the token assigned to the user in the User Dashboard. If the serial numbers match, clear the PIN.

    1. In the Security Console, go to the Home page.

    2. Use Quick Search to find the user.

    3. Select the user to whose token you need to verify.

    4. Under Assigned SecurID Tokens, view the token serial number.

    5. If the serial number matches, you need to clear the PIN.

    6. Under Assigned SecurID Tokens, select the token with the PIN that needs to be cleared.

    7. Click Clear PIN.

  3. Require the user to change the PIN. For instructions, see Require Users to Change Their RSA SecurID PINs.

  4. Open the Authentication Activity Monitor and instruct the user to authenticate. You can see whether the user has authenticated.

 

 

 

 


Attachments

    Outcomes