When you require a user to change a SecurID PIN, the user is prompted to create a new PIN after successfully authenticating with the token.
You can require a PIN change only when a user knows the existing PIN. For example, you might require a user to change a SecurID PIN if the current PIN has been compromised. If a user has forgotten the PIN, clear the PIN.
In the Security Console, click Authentication > SecurID Tokens > Manage Existing.
Click the Assigned tab.
Use the search fields to find the token that you want to edit.
From the search results, click the token with the PIN that you want the user to change.