For security reasons, we recommend against setting PINs for your end users. The recommended options are:
Your end users login to the Self-Service Console (additional configuration required). They enter the tokencode displayed on the token then will be prompted to create a PIN. Once the PIN is accepted, they can do a test authentication to confirm it is valid.
If your end users are logging in to an RSA Authentication Agent with a new token, the user enters the tokencode they see and the agent will prompt the user to create a PIN.
Alternatively, many of our RSA Ready partner products will prompt a user to create a PIN if one has not yet been set for the token.
An admin can set an initial pin for a user this way:
-assign a token to user
-generate an emergency token code for the token
-log into self service console as that userid and the emergency code
-it will ask to set up a new pin. do that, and this pin also applies to the users token
-remove the emergency token code
-inform the user of the pin via secure means