RSA AM 8.1 harware Tokens Exipiry & Adding New Ones
Hi - We have RSA AM 8.1 under support. Current set of hardware tokens have support expired. Those users who were assigned tokens are able to work normally. But when we try to assign another token it does not work. This is the current behavior. So we ordered a net set of tokens.
I have the following questions:-
1) Can the old set of tokens that are currently working coexist with the new ones?
2) Do we have to import new token file for the new set of hardware tokens or can we do a simple replacement of old to new?
- Community Thread
- Forum Thread
- RSA SecurID
- RSA SecurID Access
- Token Auth
- Token Authentication
- Token Authenticator
- Token Authenticators
To expand on Erica's reply, assigning the new tokens as a replacement allows the user's to keep their PIN. They will simply authenticate with the replacement token (using the PIN from their old token) and Authentication Manager will unassign the old (replaced) token from the user. There are also policy settings that can be used to have the tokens automatically deleted from the database after replacement completes. You can find this under "Setup > System Settings > Tokens" and look for the checkbox "Automatically delete replaced tokens" under the "Token Assignment" section.
It is possible to assign a second token to end-users, but this has a number of drawbacks. The new (second) token will require a new PIN be assigned (i.e., the user will have to know to just enter the tokencode when performing the first authentication with the new token), and the user's expiring token would also remain assigned to the user until unassigned by an administrator.