I recently noticed our service desk started using the new RSA AM v8.2 "Extend SecurID Token Lifetime" feature. Unfortunately, it seems users are unable to logon with these extended tokens (one expired 31/12/2016 and was extended, but user can't logon).
I've checked the manual on this feature but I still don't understand what this about or when/how to use it. I can't test atm because I have no tokens expiring soon (and for other tokens it says "The token cannot be extended. It has more than 15 day(s) remaining before token expiration.")
The manual says:
For example, a token that will expire in 15 days can be extended so that it will not expire for another 30 years. An unassigned token that expires in 30 years provides a new expiration date to the distributed token that was expiring in 15 days, and the unassigned token is deleted. The original, distributed token on the user device receives an extended lifetime in Authentication Manager.
Does this mean the extended token just "claims" one of the free non-extended tokens and uses its 'presence' to continue authentication? Thanks for helping out!! Regards,