This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
JoseLuisMartinM
Occasional Contributor
Occasional Contributor
‎2019-11-12 10:38 AM

Protecting the Authenticate tokencode in the Authenticate app

Jump to solution

Hi all,

 

Our managers want to avoid the scenario where users don't configure automatic lock of their mobile phones. They are worried about users leaving unprotected phones with the Authenticate app open and showing tokencodes.

 

I've been trying the option "Require PIN or Device Biometrics to view the Authenticate Tokencodehttps://access-eu.securid.com/AdminInterface/customer/281/" in the configuration and it works but... for the first time only. You open the app and are required to write a PIN or use the device biometrics to see the tokencode. But once you've done that, the app continues showing tokencodes, when I was expecting it to lock again when the tokencode shown expires. Is this the expected behaviour?

 

The other option would be to remove altogether the option to authenticate with tokencodes, but as far as I know is the authentication method needed for first time users, to be able to create a PIN for the Approve method. Is that right?

 

Thanks

Labels (1)
0 Likes
Reply
1 Solution

Accepted Solutions
TedBarbour
Employee
Employee
‎2019-11-12 12:08 PM

Jump to solution

Hi Jose - if you navigate to another app or lock your screen you are forced to re-enter PIN or do biometrics again to see the tokencode.  Otherwise, if I turn off my screen lock and leave the application open showing tokencodes they require PIN or biometric again in less than 5 minutes.

 

Hope that helps,

Ted

View solution in original post

Reply
2 Replies
TedBarbour
Employee
Employee
‎2019-11-12 12:08 PM

Jump to solution

Hi Jose - if you navigate to another app or lock your screen you are forced to re-enter PIN or do biometrics again to see the tokencode.  Otherwise, if I turn off my screen lock and leave the application open showing tokencodes they require PIN or biometric again in less than 5 minutes.

 

Hope that helps,

Ted

Reply
JoseLuisMartinM
Occasional Contributor
Occasional Contributor
In response to TedBarbour
‎2019-11-13 05:17 AM

Jump to solution

Thanks Ted! We'll show the available options to management for them to decide

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.