Article Number
000038057
Applies To
RSA Product Set: SecurID Access
RSA Product/Service Type: Cloud
RSA Version/Condition: Not Applicable
Issue
An end user is encountering one or both of the following problems with the RSA SecurID Authenticate app:
Authenticate Tokencode authentication failed - Invalid tokencode
The above error occurs even when the user is very sure they are entering the correct code displayed on their device.
Expired QR Code. Message: Generate a new QR Code. Then scan the new code in the app .
The user is able to complete registration with a password or registration code however.
Cause
The date and/or time and/or geographical region setting in the end user's device is incorrect.
Resolution
Both QR codes and tokencodes use time-based algorithms, so they both require the end user's device to be set accurately to the current date and time, according to the geographical region set in their device. Time accuracy must be within a few minutes.
For example, if the end user's device region is currently set to India (GMT+5:30), then the date and time in the device must be set to the current date and time in India. Clock drifts of a few minutes or more, or failure to adjust to daylight savings time changes, can cause the errors described in this article to occur. If the date and time appears to be correct, check to make sure the geographical region configured in the device is correct too.
We recommend setting mobile device times using the Auto feature in the device, if available, so that device times are automatically set accurately by the mobile network. Check with your mobile network provider to confirm if automatic clock setting is available. For devices that do not use a mobile network, RSA recommends configuring a reliable NTP server to automatically synchronize your computer's time.
Workaround
If date and time cannot be automatically managed by network time synchronization, then manual date/time adjustments may be required occasionally to maintain clock accuracy in the device.
Notes