This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

RSA® Authentication Manager Documentation

Browse the official RSA Authentication Manager documentation for helpful tutorials, step-by-step instructions, and other valuable resources.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Versions
Collections
All Downloads

Table of Contents

Product Resources

RSA SecurID PINs

A personal identification number (PIN) is a numeric password used to authenticate a user.

A personal identification number (PIN) is a numeric password used to authenticate a user.

To increase security, you can set the token policy to require users to create PINs containing both letters and numbers and to change their PINs at regular intervals. See Token Policy.

Misplaced or stolen PINs puts protected resources at risk. For this reason, you should instruct users to report compromised PINs as soon as possible.

When a user reports a compromised PIN, you can require the user to change his or her PIN after the next successful authentication.

When a user is required to change a PIN, the user must know his or her current PIN. To change a PIN, the user authenticates using the existing PIN and tokencode. After successfully authenticating, the user is prompted to create and confirm a new PIN, and the PIN is associated with the user’s token.

For example, suppose a user reports that she used her computer at a local coffee shop, and now she is worried that someone may have seen her type her PIN. After you receive the report, you use the Security Console to require the user to change her PIN. For instructions, see Require Users to Change Their RSA SecurID PINs.

The token policy may require the user to use a system-generated PIN instead of creating one. After the next authentication, the system provides the user with a new, system-generated PIN. The user then authenticates again using the new, system-generated PIN.

If users forget their PINs, you cannot require them to change their PINS in order to obtain a new one because users need to know their PINs in order to change them. Do the following:

  1. Users with RSA SecurID 800 authenticators need a PIN unlocking key. You, the administrator, must provide this information. For instructions, see Obtain the PIN Unlocking Key for an RSA SecurID 800 Authenticator .
  2. When a user forgets his or her PIN, you must clear the PIN before the user can create a new one. For instructions, see, Clear an RSA SecurID PIN..

Users can also use Self-Service to reset their PINs.

Note:  On-demand authentication (ODA) users also require PINs. For more information, see PINs for On-Demand Authentication.

 

 

 

 

 

You are here
Table of Contents > Users > RSA SecurID PINs
Labels (2)
0 Likes
Was this article helpful? Yes No
No ratings
© 2023 RSA Security LLC or its affiliates. All rights reserved.