Event-based Flex Token
SAE version 2.3 now support event-based tokens in addition to the traditional time-based SecurID tokens.
The acceptable range of event-based tokencodes is variable.
The "window" or range of valid authentication codes varies depending on the state of the token and values in the token's seed record. For example seed records often contain the following windowing parameters:
Small Window: 3
Medium Window: 7
Large Window: 100
Max Counter: 50000
SAE authenticates codes found inside the ?Accept Window? and rejects values outside the ?Reject Window?. Codes that fall between the accept and reject windows (where accept != reject) causes next tokencode mode.
State Accept Window Reject Window
-------- ---------------------- ---------------------
1st login Large-1 Large-1
Normal small medium
Waiting for PIN small medium
Next Tokencode Mode 2 2
Resynch (1st) max counter max counter
Resynch (2nd) 2 2
Related Articles
After an upgrade and migration, the 'Is Terminated' user attribute is not updated after unification in RSA Identity Govern… Number of Views Remote agent fails to start after metadata import Number of Views The display sequence of custom User Attribute Separators is incorrectly and unpredictably modified after making edits to U… Number of Views When extending the Root General Template for Databases, all Database Connectors using that root template stop working in R… Number of Views Increase timeout for RSA Authentication Agent for Web for IIS implemented for OWA Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA announces the availability of the RSA SecurID Hardware Appliance 230 based on the Dell PowerEdge R240 Server How to troubleshoot Oracle database ORA-04030 errors in RSA Identity Governance & Lifecycle RSA Authentication Manager Upgrade Process Microsoft SQL Server Collectors can no longer connect to the SQL Server database after upgrade to Microsoft SQL Server 201…
