This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
RichardCrevier
Beginner
Beginner
‎2019-02-27 02:15 PM

Expired Token

Jump to solution

Hi,

If i have a client with an expired token, can i gave a temporary NIP until we purchased a new token ?

 

Regards,

 

Richard Crevier

STM

0 Likes
Reply
1 Solution

Accepted Solutions
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
‎2019-02-27 04:52 PM

Jump to solution

Richard Crevier‌,

 

I've moved your question to the RSA SecurID Access space where it will be seen by the product's support engineers, other customers and partners.  Please bookmark this page and use it when you have product-specific questions.

 

Alternatively, from the RSA Customer Support" data-type="space page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question.  From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question.  That way your question will appear in the correct space.

 + + + 

 

If you have an end user who has an expired token you can't assign him temporary authentication options.  That being said you can assign her a fixed passcode until the new token is assigned and distributed.

 

1.  From the Security Console search for the user.  

2.  When your search results come back, click on the context arrow next to her name and choose Authentication Settings.

3.  At the top of the page is an option for fixed passcode.  Place a check in the box. 

4.  When prompted create a fixed passcode, such as 87654321.  Provide this to your end user.

5.  When she next authenticates she should enter her user ID then the passcode of 87654321.  To the Authentication Manager server, this passcode is in New PIN Mode and will prompt her to create a new PIN.

6.  At the prompt, she should enter whatever she wants for her fixed passcode, let's say 12345678.

7.  She will see a prompt to wait for the tokencode to roll and enter the PIN.  The interface does not know of she is using a PIN + tokencode or fixed passcode so it just mentions a PIN.  Ignore that.  She does not need to wait she just enters the fixed passcode she created.  She should not use the PIN she has associated to her expired token.  Now when she authenticates, she uses her user ID and just this fixed passcode.  

8.  Until you provide her with a new token, she should use this fixed passcode.

ETA:  Fixed passcodes are less secure since they are not two factor authentication.  Once your end user receives her new hardware or software token, please go through steps 1 - 3 again, removing the ability to use a fixed passcode.

 

Regards,

Erica

View solution in original post

Reply
1 Reply
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
‎2019-02-27 04:52 PM

Jump to solution

Richard Crevier‌,

 

I've moved your question to the RSA SecurID Access space where it will be seen by the product's support engineers, other customers and partners.  Please bookmark this page and use it when you have product-specific questions.

 

Alternatively, from the RSA Customer Support" data-type="space page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question.  From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question.  That way your question will appear in the correct space.

 + + + 

 

If you have an end user who has an expired token you can't assign him temporary authentication options.  That being said you can assign her a fixed passcode until the new token is assigned and distributed.

 

1.  From the Security Console search for the user.  

2.  When your search results come back, click on the context arrow next to her name and choose Authentication Settings.

3.  At the top of the page is an option for fixed passcode.  Place a check in the box. 

4.  When prompted create a fixed passcode, such as 87654321.  Provide this to your end user.

5.  When she next authenticates she should enter her user ID then the passcode of 87654321.  To the Authentication Manager server, this passcode is in New PIN Mode and will prompt her to create a new PIN.

6.  At the prompt, she should enter whatever she wants for her fixed passcode, let's say 12345678.

7.  She will see a prompt to wait for the tokencode to roll and enter the PIN.  The interface does not know of she is using a PIN + tokencode or fixed passcode so it just mentions a PIN.  Ignore that.  She does not need to wait she just enters the fixed passcode she created.  She should not use the PIN she has associated to her expired token.  Now when she authenticates, she uses her user ID and just this fixed passcode.  

8.  Until you provide her with a new token, she should use this fixed passcode.

ETA:  Fixed passcodes are less secure since they are not two factor authentication.  Once your end user receives her new hardware or software token, please go through steps 1 - 3 again, removing the ability to use a fixed passcode.

 

Regards,

Erica

Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.