User Dashboard

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

The User Dashboard provides a consolidated view of authentication data for a single user, allowing you to identify and troubleshoot issues.

You can view the User Dashboard using:

User Dashboard Tasks

You can use the User Dashboard to perform these tasks for a particular user.

Note:  Your ability to view or perform tasks in the User Dashboard depends on your license and administrative permissions. These features apply to hardware tokens and software tokens. Some features are unavailable for RSA SecurID Authenticate Tokencodes. For more information, see RSA SecurID Authenticate Tokencodes.

                                                                                                       

Action

Description

Reference

Enable or disable account

Enable or disable a user from authenticating.

Enable a User Account in the User Dashboard

Disable a User Account in the User Dashboard

Assign a user alias

A logon alias allows users to authenticate with their RSA SecurID token using User IDs other than their own.

Assign a User Alias in the User Dashboard

Unlock

Locked out users cannot authenticate until they are unlocked.

Unlock a User in the User Dashboard

Change a password

You can change passwords for users whose accounts are in the internal database. You might perform this task if the security of the old password has been compromised.

Change a User's Password in the User Dashboard

Clear security question answers and cached windows password

You might clear security question answers if the user forgot the answers, or if the security of the answers was compromised in some way.

You can avoid a failed logon attempt by clearing the saved copy of the user's Windows password.

Clear Security Question Answers in the User Dashboard

Clear a Cached Copy of Windows Credentials in the User Dashboard

Add to a user group and view user group memberships

You can add users from any identity source to one or more user groups in the internal database only.

Add a User to a User Group in the User Dashboard

View User Group Memberships for a User in the User Dashboard

Manage authentication settings

You can create exceptions to authentication policies for individual users. These settings also allow you to troubleshoot user authentication issues.

Manage User Authentication Settings in the User Dashboard

Enable or disable on-demand authentication

On-demand authentication (ODA) delivers a one-time tokencode to a user’s mobile phone or e-mail account. On-demand tokencodes expire after a specified time period, enhancing their security.

Enable On-Demand Authentication for a User in the User Dashboard

Disable On-Demand Authentication for a User in the User Dashboard

Clear and set temporary on-demand authentication PIN

You might clear a user's ODA PIN when the PIN is compromised, forgotten, or when your company policy requires the PIN change. You must always set a temporary PIN when you clear a user's PIN because ODA requires a PIN.

The user must change a temporary PIN the first time it is used.

Clear a User's On-Demand Authentication PIN in the User Dashboard

Require a password change at next logon

You can require users to change their passwords if the password is suspected of being compromised. If a user's identity source is the internal database, you can force the user to change the password the next time the user logs on.

Require a User to Change a Password using the User Dashboard

Assign hardware a token

You can assign up to three active tokens per user. The RSA SecurID Authenticate app counts against this limit.

Assign a Hardware Token to a User in the User Dashboard

Assign and distribute a software token

You can assign up to three active tokens per user. The RSA SecurID Authenticate app counts against this limit.

Assign and Distribute a Software Token to a User Using File-Based Distribution in the User Dashboard

Distribute One Software Token Using Compressed Token Format (CTF)

Assign and Distribute a Software Token to a User Using Dynamic Seed Provisioning in the User Dashboard

Clear a PIN

Once cleared, the user must enter a tokencode, and then create a new PIN.

This feature is not available for Authenticate Tokencodes.

Clear an RSA SecurID PIN in the User Dashboard

Generate emergency access tokencode

Generate an emergency access tokencode for a user whose existing token has been permanently lost or destroyed.

Provide an Offline Emergency Access Tokencode

Resynchronize tokens

Resynchronize a token when its tokencode does not match the tokencode generated by Authentication Manager. Mismatched tokencodes cause authentication to fail.

This feature is not available for Authenticate Tokencodes.

Resynchronize a Token in the User Dashboard

Replace a token

Replace a token that has been permanently lost, stolen, damaged or expired.

This feature is not available for Authenticate Tokencodes.

Replace a Token for a User in the User Dashboard

Enable or disable tokens

Only enabled tokens can be used for authentication. Tokens are automatically enabled when first assigned to a user.

You might choose to disable a token if a user is out of the office for an extended period of time. Disabling a token does not remove it from the deployment.

Enable a Token in the User Dashboard

Disable a Token in the User Dashboard

Unassign a token

When you unassign a token, the user can no longer use the token to authenticate and the token is disabled.

This feature is not available for Authenticate Tokencodes.

Unassign a Token from a User in the User Dashboard

User Dashboard Components

The User Dashboard contains the following components.

User Profile

You can edit, disable, or unlock a user’s account. Disabling a user removes the user's ability to authenticate and suspends the user’s account privileges. You can only disable a user whose identity source is the internal database. You can unlock a user who has violated the lockout policy or self-service troubleshooting policy for the user’s security domain. You can also manage a user’s authentication settings.

User Group Membership

You can view a user’s membership to user groups. You can add a user to one or more groups (maximum of 25).

Users in the same user group can access restricted agents. Users can be managed as part of the group. You can also remove users from user groups that are stored in the identity sources. This action does not delete the user's data from the identity source.

Recent Authentication Activity

You can view a user’s authentication activity through the User Dashboard in real time. You can customize the information displayed. A maximum of 50 records can be shown.

Additionally, you can view:

  • Log entries for real-time authentication activity over the past seven days for one user
  • Time of activity, result of activity, and description of activity

Assigned SecurID Tokens

You can assign or replace a hardware or software token by searching for a token across all security domains within your scope. After you assign a software token, you are prompted to distribute the token. You can manage all aspects of a user’s hardware or software token status.

Accessible Agents

You can view up to 50 restricted and unrestricted agents the selected user can access within your administrative scope. For restricted agents, the user can authenticate within the designated access times. You can search these agents by hostname.

On-Demand Authentication

You can view and manage information for that the user such as whether the user is enabled for on-demand authentication (ODA), the tokencode destination, PIN status, and tokencode expiration date.

 

 

 

 


Attachments

    Outcomes