Offline Authentication Policy

Document created by RSA Information Design and Development Employee on Jun 13, 2017Last modified by RSA Link Admin on Sep 18, 2020
Version 15Show Document
  • View in full screen mode

An offline authentication policy defines the way users authenticate when they are not connected to the network.

Offline authentication extends RSA SecurID authentication to users when the connection to RSA Authentication Manager is not available (for example, when users work away from the office or when network conditions make the connection temporarily unavailable).

An offline authentication policy is assigned to each security domain. A deployment can have multiple offline authentication policies.

Two policies can conflict if the user is in one security domain and the agent (their computer) is in a different security domain, and the security domains have different offline authentication policies.

RSA does not recommend offline authentication for the following authenticators:

  • PINPads

  • Tokens that do not require PINs

  • Fixed passcodes

These authenticators are likely to contain fewer characters than required by the minimum offline passcode length setting. You can override this setting to explicitly allow offline authentication using these authenticators.






You are here
Table of Contents > Policies > Offline Authentication Policy