SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.

get pin for first time use of rsa token

how do I get a PIN when using an RSA securid token for the first time?

I have correctly entered my Company username and LAN password with the passcode from the RSA token (without a PIN because I don't have one yet).  It returns the message "The credentials you typed are incorrect". 

1 Reply
Employee (Retired) Employee (Retired)
Employee (Retired)



Are you using a hardware or software token to authenticate?  Through what product are you authenticating, an RSA agent or some third party product like Citrix, Cisco, etc.?


When you authenticate for the first time and don't have a PIN, just enter the digits you see on your token into the interface.  If you have a software token and the tokencode is not displaying, enter four zeroes (0000) and press the Play arrow. 


If your tokens is configured to need a user created PIN, you should get a prompt to create a PIN.  If your admins set up the option for system generated PINs, it should provide that PIN to you.  The third option is to have a PINless token (the least secure option), where you only enter the tokencode to authenticate.


RSA purposely keeps the message an end users sees about a failed authentication as vague as possible to prevent someone from gaining access to the system.  Try this:

  1. Launch the Security Console and go to Reporting > Reports > Add New.
  2. Look for the Authentication Activity report. 
  3. Click on the context arrow next to the report name and choose Select.
  4. On the next page, define the security domain or leave SystemDomain.
  5. Leave all output columns selected.
  6. Define the date range from when you ran your authentication tests.
  7. Define your security domain, identity source, etc.
  8. Set successful, failed and warned actions to Yes.
  9. If you know there will be a lot of entries in the report, you can scope down to show authentications based on the specific the agent and/or token serial number.
  10. When done, click Save.
  11. On the next page, click the context arrow next to your report and choose Run Report Job Now.
  12. Click Run Report.
  13. Click Refresh List.
  14. When the report is no longer listed on the In Progress tab, click Completed,
  15. On the next page, click the context arrow next to the report and choose to view the report in your browser or to download the report in csv, html or xml format.  I like downloading to csv since you can open it in Excel and sort the data.
  16. Note the failure reason is in the Result Key and Result columns. The information listed there will give us next steps in how to resolve the authentication failure.