SecurID® Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.
Article Number
000012084
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Agent
RSA Version/Condition: 7.2.1, 7.3.1
O/S Version: Windows 2012
RSA Product/Service Type: Authentication Agent
RSA Version/Condition: 7.2.1, 7.3.1
O/S Version: Windows 2012
Issue
The RSA SecurID prompt does not appear when connecting with RDP on Windows 2012, or users can bypass RSA SecurID Credential Provider because the Microsoft Password Credential Provider is available and not hidden:
Image description
Image descriptionCause
The customer has disabled Microsoft Password Credential Provider, which disables the excluding of Microsoft Credential Provider. This allows the RDP client to bypass the SecurID authentication and explains why the user does not get an RSA SecurID prompt even though the challenge was enabled.
Resolution
- From Run or the Windows icon in the taskbar, click Start > Windows PowerShell > gpedit to launch local group policy editor.
Alternatively, search for Group Policy Editor in Windows
- On the left panel, navigate to Administrative Templates > Classic Administrative Templates > RSA Desktop > Credential Provider Filter Settings.
- Set the Microsoft Password Credential Provider to Not configured.
Image description
- Connect with an RDP client as an RSA SecurID challenged user. The user will be able to see the RSA SecurID prompt and successfully authenticate. Only the RSA Credential Providers will show now.
In this article
