SecurID^® Discussions

SeaverZhang · ‎2020-01-08

This question is about distribution of the software token XML file. The IT team send email containing the XML file for software tokens via SDTID (XML) format. Can the employee forward this email to multiple mobiles devices with RSA token client app installed and then do the import using this XML file on multiple mobile devices? or is this file for single use only? Thanks

JayGuillette · ‎2020-01-08

Yes.

It needs to be the same .sdtid file, you cannot distribute it twice as that would break the first one. So distribute .sdtid file only once, and with a token profile that would work on both devices. Essentially this is the same token, which would generate the same token codes at the same time on both devices. Typical use case is the same .sdtid file imported on the same user's phone and their desktop token apps. Either device can be used to authenticate against a single realm (primary and its replicas). You could encounter problems if the time on both devices is not consistently accurate, like within 15-20 seconds or less of each other all the time, so that they each show the same exact token code for at least 40 seconds.

JayGuillette · ‎2020-01-08

You can't use device binding in this use case. Password protection is not a problem. Make sure to maintain confidentiality of the .sdtid file, don't just leave it where it could be found and copied

SecurID^® Discussions

Can the software token XML file be imported on two different mobile device?

Authenticators

SecurID® Discussions

Can the software token XML file be imported on two different mobile device?

Authenticators

SecurID^® Discussions