AnsweredAssumed Answered

Setup Pemanent passcode for UserID

Question asked by Derrick Chapman on Nov 8, 2018
Latest reply on Aug 7, 2020 by Edward Davis

Like • Show 0 Likes0
Comment • 4

New to RSA Authentication Manager and wanted to know how you would setup a permanent passcode for a user to proactively monitor a MFA Service

Erica Chalfin

Nov 9, 2018 12:07 AM

Correct Answer

Derrick Chapman,

You can go with a fixed passcode for your authentications.

From the Security Console,

Create your user in the internal database, if he does not exist (Identity > Users > Add New). After the user is saved, search for him (Identity > Users > Manage Existing.
Search for the user.
When results are returned, click on the arrow next to his name and choose Authentication Settings.
Check the box that enables a fixed passcode (it's the first option on the page).
Key in a fixed passcode (for example, 87654321) and confirm it in the second box then click Save.
Now enable the real time authentication activity monitor (Reporting > Real Time Authentication Activity Monitor and click Start Monitor) so you can watch the authentication process in action.
Go back to the device through which you wish to authenticate with the fixed passcode.
Using the user ID above, do a test authentication. When prompted for the passcode, enter the fixed passcode you created in step 5 and click OK.
You should see a prompt to create a new PIN. Ignore the prompt. What you need to do is take your fixed passcode out of its version of new PIN mode. At this point enter a new fixed passcode (e. g., 12345678) and click OK.
The next prompt will be to wait for the tokencode to roll then enter a passcode (PIN + tokencode). Since you don't have a PIN or a token, you enter your newly updated fixed passcode. Et voila, you are done and this fixed passcode can be used by your user to monitor a service.

Note that since this is a single factor it is not considered as secure as two factor authentication.

Regards,

Erica

See the reply in context

No one else had this question

Outcomes

Erica Chalfin

Nov 9, 2018 12:07 AM

Derrick Chapman,

You can go with a fixed passcode for your authentications.

From the Security Console,

Create your user in the internal database, if he does not exist (Identity > Users > Add New). After the user is saved, search for him (Identity > Users > Manage Existing.
Search for the user.
When results are returned, click on the arrow next to his name and choose Authentication Settings.
Check the box that enables a fixed passcode (it's the first option on the page).
Key in a fixed passcode (for example, 87654321) and confirm it in the second box then click Save.
Now enable the real time authentication activity monitor (Reporting > Real Time Authentication Activity Monitor and click Start Monitor) so you can watch the authentication process in action.
Go back to the device through which you wish to authenticate with the fixed passcode.
Using the user ID above, do a test authentication. When prompted for the passcode, enter the fixed passcode you created in step 5 and click OK.
You should see a prompt to create a new PIN. Ignore the prompt. What you need to do is take your fixed passcode out of its version of new PIN mode. At this point enter a new fixed passcode (e. g., 12345678) and click OK.
The next prompt will be to wait for the tokencode to roll then enter a passcode (PIN + tokencode). Since you don't have a PIN or a token, you enter your newly updated fixed passcode. Et voila, you are done and this fixed passcode can be used by your user to monitor a service.

Note that since this is a single factor it is not considered as secure as two factor authentication.

Regards,

Erica

Actions

Bronislav Pacinek @ Erica Chalfin on Aug 6, 2020 7:35 AM

Hello,

I have problem on 8.4.13 version.

I tried to enter 8-numbered Fixed Passcode and I got warning "The fixed passcode must be between 4 and 4 characters". When I enter 4-numbered PIN, and then save, everything looks OK.

Regards,

Brona

Actions

Jay Guillette

@ Bronislav Pacinek on Aug 6, 2020 10:03 AM

Check the Token Policy - Under Authentication - Policies - Token Policy

Scroll down to PIN Minimum and Maximum, they are probably both = 4. PIN settings affect Fixed Passcodes.

Actions

Edward Davis

@ Jay Guillette on Aug 7, 2020 11:47 AM

Fixed passcode can have it's own policy as a sub-menu of the token policy (define separate settings), or inherit the same policy as token pins: Here are the expanded options if you want fixed passcode to deviate from token pin policy.

Actions

4 Replies

Erica Chalfin Nov 9, 2018 12:07 AM
Unmark Correct
Correct Answer
Derrick Chapman,

You can go with a fixed passcode for your authentications.

From the Security Console,
1. Create your user in the internal database, if he does not exist (Identity > Users > Add New). After the user is saved, search for him (Identity > Users > Manage Existing.
2. Search for the user.
3. When results are returned, click on the arrow next to his name and choose Authentication Settings.
4. Check the box that enables a fixed passcode (it's the first option on the page).
5. Key in a fixed passcode (for example, 87654321) and confirm it in the second box then click Save.
6. Now enable the real time authentication activity monitor (Reporting > Real Time Authentication Activity Monitor and click Start Monitor) so you can watch the authentication process in action.
7. Go back to the device through which you wish to authenticate with the fixed passcode.
8. Using the user ID above, do a test authentication. When prompted for the passcode, enter the fixed passcode you created in step 5 and click OK.
9. You should see a prompt to create a new PIN. Ignore the prompt. What you need to do is take your fixed passcode out of its version of new PIN mode. At this point enter a new fixed passcode (e. g., 12345678) and click OK.
10. The next prompt will be to wait for the tokencode to roll then enter a passcode (PIN + tokencode). Since you don't have a PIN or a token, you enter your newly updated fixed passcode. Et voila, you are done and this fixed passcode can be used by your user to monitor a service.
Note that since this is a single factor it is not considered as secure as two factor authentication.
Regards,
Erica
Like • Show 0 Likes0
Actions
- Bronislav Pacinek @ Erica Chalfin on Aug 6, 2020 7:35 AM
  Mark Correct
  Correct Answer
  Hello,
  
  I have problem on 8.4.13 version.
  I tried to enter 8-numbered Fixed Passcode and I got warning "The fixed passcode must be between 4 and 4 characters". When I enter 4-numbered PIN, and then save, everything looks OK.
  
  Regards,
  Brona
  Like • Show 0 Likes0
  Actions
  - Jay Guillette @ Bronislav Pacinek on Aug 6, 2020 10:03 AM
    Mark Correct
    Correct Answer
    Check the Token Policy - Under Authentication - Policies - Token Policy
    
    Scroll down to PIN Minimum and Maximum, they are probably both = 4. PIN settings affect Fixed Passcodes.
    Like • Show 0 Likes0
    Actions
    - Edward Davis @ Jay Guillette on Aug 7, 2020 11:47 AM
      Mark Correct
      Correct Answer
      Fixed passcode can have it's own policy as a sub-menu of the token policy (define separate settings), or inherit the same policy as token pins: Here are the expanded options if you want fixed passcode to deviate from token pin policy.
      
      Like • Show 0 Likes0
      Actions

Setup Pemanent passcode for UserID

Outcomes

Related Content

Recommended Content