If a token policy is assigned to more than one security domain and you want to change the policy for only one of the security domains, duplicate the existing policy and then re-assign it. For example, you can use this functionality to gradually phase in new security requirements, such as more frequent PIN changes.
In the Security Console, click Authentication > Policies > Token Policies > Manage Existing.
Use the search fields to find the token policy that you want to duplicate.
From the search results, click the token policy that you want to duplicate.
From the context menu, click Duplicate.
You can make the necessary changes to the duplicate policy and assign the policy to the security domain you want to change.