In addition to receiving tokencodes on hardware and software tokens, users can receive tokencodes on mobile phones or through personal e-mail.
In addition to receiving tokencodes on hardware and software tokens, users can receive tokencodes on mobile phones or through personal e-mail. You can deliver tokencodes to a mobile phone using Short Message Service (SMS), or an e-mail address using Simple Mail Transfer Protocol (SMTP). Tokencodes delivered using SMS or SMTP are called on-demand tokencodes.
Note: To use SMS delivery, you must establish a relationship with an SMS provider, and integrate SMS with RSA Authentication Manager. For a list of supported SMS providers, go to https://community.rsa.com/community/products/rsa-ready/.
As with the tokencode generated by a hardware or software token, on-demand tokencodes are used with a PIN to achieve two-factor authentication. However, on-demand tokencodes differ from tokencodes generated by hardware or software tokens in the following ways:
-
The user must already be assigned a PIN to use on-demand tokencodes.
You must either manually assign a PIN through the Security Console, or configure Self-Service to allow the user to request an account so that he or she can set a PIN.
-
The user initiates the request for the on-demand tokencode, either through Self-Service, which you must configure to allow such a request, or through any authentication agent.
Note: The on-demand tokencode service is not supported with authentication agents enabled with EAP 32.
-
The on-demand tokencode has a lifetime that you configure, after which it expires and can no longer be used to authenticate.
You can use the Security Console to perform the following tasks.
You are here
Table of Contents > On-Demand Authentication > On-Demand Authentication > On-Demand Tokencode Delivery by Mobile Phone or E-mail