Require a System-Generated PINRequire a System-Generated PIN
A user’s token policy determines whether his or her SecurID PIN must be system-generated. System-generated PINs are more secure because they are randomly selected by the server. This prevents a user from selecting a PIN that is easy to guess.
To require system-generated PINs, you must edit the token policy.
RSA RADIUS does not allow system-generated PINs by default. If the token policy requires system-generated PINS, you must edit the RADIUS configuration file securid.ini. For instructions on editing RADIUS configuration files, see Edit RADIUS Server Files.
Procedure
-
In the Security Console, click Authentication > Policies > Token Policies > Manage Existing.
-
Use the search fields to find the token policy that you want to edit.
-
From the search results, click the token policy that you want to edit.
-
From the context menu, click Edit.
-
Use the PIN Creation Method buttons to select Require system-generated PIN.
-
Click Save.
