This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

SecurID Authenticator 6.0 for Windows: Deprecated Features

Article Number

000067918

Applies To

  • RSA Product set: SecurID
  • RSA Product/Service Type: RSA SecurID Authenticate, RSA SecurID Token
  • RSA Version: 3.6, 5.x respectively
  • Platform: Windows 

Issue

For existing users of RSA SecurID Token 5.x, the following features are no longer supported in SecurID Authenticator 6.0


 

Resolution

Below are the Deprecated  features and their description
  • Unsupported Operating Systems
Windows XP, Vista, and older versions of Windows 10
  •  Auto-submission of OTPs into a web form (web plug-in)
RSA previously supported two web plug-ins based on ActiveX and NPAPI. Both technologies are deprecated by Microsoft and are no longer supported in modern web browsers.
  • Auto-submission of OTPs into a client application (STAuto API)

The STAuto API allows a requesting client application to automatically retrieve tokencodes on behalf of the user. While simplifying user authentication, it could also allow a rogue application to harvest tokencodes from the user’s machine. RSA does not recommend using STAuto and has formally removed it from this release.
  •  Use of SecurID OTP as a shared “machine-level credential” 
In certain retail applications, SecurID could be used to restrict application access to specific in-store kiosks only. In this scenario, the tokencode is used to authenticate the machine, not the user. In common practice, client-side certificates are now the preferred solution for machine authentication. RSA recommends that each user should have a unique SecurID token to ensure strong authentication of the user, not just of the machine.
  • Display the OTP generated by a USB-connected SID800 hardware token as the end of the sale for the SID800 was announced in January 2021.
  •  Storage of SecurID OTP seeds on a third-party device (e.g., flash drive) 
Storage of SecurID OTP seeds on a third-party device (e.g., flash drive)    Launched in 2008 as the “Credentials Everywhere” initiative, this program once included integrations from leading USB device vendors like SanDisk and IronKey. After limited adoption, however, the program was discontinued in 2014.
  • Roaming support for SecurID credentials 
In call center applications, users may regularly authenticate from multiple physical or virtual terminals (e.g., Citrix VDI). Roaming support once allowed a SecurID seed to be stored with the user’s AD profile and “follow” the user between machines. Because this solution negates the “something you have” factor (i.e., the PC), it effectively reduces SecurID to only “something you know” (i.e., the AD password used to unlock the tokencode).
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2022-07-01 01:33 PM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.