SecurID^® Discussions

NathanBrown2 · ‎2018-03-01

I have some Windows 8 Professional laptops I just installed the RSA Authentication Agent x64 on. However, after rebooting and each boot afterwards when I press back arrow next to the user icon I see 4 options for logging in. 2 contain the RSA black logo offering the current login and other user, the other two have the default white icon with the current user's ID on it and the other with Other User, like the RSA icons. The problem is, I can select the windows icon for the current or other user and log straight on in. No typing PIN and RSA SecurID number. Has anyone experienced this? Does anyone have a suggestion? Thank you, Nathan.

JayGuillette · ‎2018-03-01

Nathan,

What you are seeing is the Windows Password Credential Provider in addition to the SecurID Credential Provider. The RSA Windows agent install is designed to disable the display of all other Credential Providers so users are forced to go through the RSA Credential Provider with the Black logo.

You need to disable the Windows Password Credential provider, either through the Registry or with a GPO, which Erica referenced above. The closest solution we have for reference is how to disable the Windows Smart Card Credential Provider,

https://community.rsa.com/docs/DOC-46900

so if you kind of follow this one, but translate Smart Card to Windows Password, you should be able to achieve what is needed here, to allow filtering out of Windows Password CP, to disable display of it.

View solution in original post

_EricaChalfin · ‎2018-03-01

Nathan Brown‌,

Have you reviewed the RSA Authentication Agent 7.3.3 for Microsoft Windows Group Policy Object Template Guide for information on configuring challenge options on the agent?

This guide describes how to use Group Policy Object templates to configure RSA Authentication Agent 7.3.3 for Microsoft Windows. For example, you can use a policy template to define how users authenticate, define challenge groups, and set the logon field label.

Also, check out the RSA Authentication Agent Help files within the agent's RSA Control Center to learn how to enable tracing on the agent. These logs are helpful if you need to contact support to assist you in resolving your issue.

Regards,

Erica

JayGuillette · ‎2018-03-01

Nathan,

What you are seeing is the Windows Password Credential Provider in addition to the SecurID Credential Provider. The RSA Windows agent install is designed to disable the display of all other Credential Providers so users are forced to go through the RSA Credential Provider with the Black logo.

You need to disable the Windows Password Credential provider, either through the Registry or with a GPO, which Erica referenced above. The closest solution we have for reference is how to disable the Windows Smart Card Credential Provider,

https://community.rsa.com/docs/DOC-46900

so if you kind of follow this one, but translate Smart Card to Windows Password, you should be able to achieve what is needed here, to allow filtering out of Windows Password CP, to disable display of it.

NathanBrown2 · ‎2018-03-01

Thanks for the info. Sounds like what I am looking for. I will pull it up on my phone as our internet provider experienced a fiber cut.

I will update this email to the resolution or continued difficulties.

Thank you,

Nathan Brown

IT Tech Support Specialist

Louisiana Office of Student Financial Assistance

Baton Rouge, LA 70802 (225)219-7636

NathanBrown2 · ‎2018-03-07

Thank you for the excellent help. The profile via the group policy is what ended up helping me.

Thanks again!

SecurID^® Discussions

Windows 8 Pro allowing users to bypass RSA

Agents

SecurID® Discussions

Windows 8 Pro allowing users to bypass RSA

Agents

SecurID^® Discussions