- From the Security Console navigate to Identity > Users > Manage Existing.
- Search for the user to whom you wish to assign the fixed passcode.
- When your search results come back, click on the context arrow next to the user ID and choose Authentication Settings.
- Check the option to allow authentication with a fixed passcode.
- When prompted create a fixed passcode, such as 87654321. Provide this to your end user.
- When the user next authenticates the user should enter their user ID then the passcode of 87654321. To the Authentication Manager server, this passcode is in New PIN Mode and will prompt the user to create a new PIN.
- At the prompt, they should enter whatever they wants for a fixed passcode, let's say 12345678.
- They will see a prompt to wait for the tokencode to roll and enter the PIN. The interface does not know the user is using a PIN + tokencode or fixed passcode so it just mentions a PIN. Ignore that. The user does not need to wait, just enter the fixed passcode created in step 7. Do not use the PIN associated to any expired token. Now when the user authenticates, they use their user ID and just this fixed passcode.
Fixed passcodes are less secure since they are not two factor authentication. Once your end user receives a new hardware or software token, please go through steps 1 - 4 again, removing the ability to use a fixed passcode.