We recently had two users prompted to enter the "next tokencode" after they'd already logged in successfully. According to RSA support, this is typically because their tokens are out of sync.
However, they were able to log in again after we cleared their incorrect login attempts. We did not do anything to resynchronize their tokens.
With that said, does this mean the tokens can sometimes get back into sync without intervention?
Or was my problem perhaps something else? The users were highly confident they entered the correct token code each time.