currently when user open RSA App, it does not ask for pin , it directly displays tokencode. How can I enable that in RSA console so that users get the pin screen before getting the token code.
When you look at that specific token through the Security Console (Authentication > SecurID Tokens > Manage Existing), click on the context arrow next to the token serial number and click View.
Is the Displayed Value information set to PIN integrated with tokencode (PINPad-style), PIN followed by tokencode (Fob-style); or No PIN required (Tokencode)?
If it is set to No PIN required, your end users will not see a place to enter a PIN because the token was created to not use one. If you need to change the tokens to enable PINs you will need to change the software token profile or create a new one then reissue the tokens in question.
When you deploy a software token, you have three options:
- PinPad/passcode mode : Users enter their numeric ONLY PIN into the token application and receive a passcode which is computed from the PIN and tokencode
- "Fob" style : just like hard token, the users will NOT be asked for a PIN in the software token client, users enter their PIN followed by the tokencode displayed to authenticate (passcode= PIN+tokencode)
- tokencode only : PINLess .. no PIN.. NOT RECOMMENDED
If your token is asking for a PIN, then you will need to replace it with one that is in "Fob" style.. once a token has been distributed it cannot be modified.
Retrieving data ...