Just wanted to say, we have several users who are experiencing this issue:
They are using an Iphone 14 with the latest IOS 16.6.1
When i tried to import a software token he got the error "The imported OTP credential is not intended for this device and has been removed' error. After that i reset the token, he updated the RSA authenticator app (SecureID) but then his app already crashed when inititliasing for the first time. Now he gets:
Error Occurred: Error initializing authenticator app. Please try again later or contact your IT support. This is with the latest app version 4.3.1 (build1).
Appearently we have to wait until it is fixed in 4.3.2?
... View more
Hello everyone. I know it could be lame for some, but i am first time ordering software RSA Tokens. I registered all over the place that we were requested to. Finally able to get to RSA self service control page, then to comunity rsa page (where of course i cannot submit ticket, as many other people i noticed reporting here). At the end i was able to log in to myRSA page, see my Site ID, Serial number....but, i have not option for software or anything. I have only XML file with serials from token. But i need token file to import to app (or URL, or QR i guess). Here on comunity i was able to download MAC OS app, on Android via Google Play app too. Any advice, how to get to stdid file (or how is that extension) or get those URLs? Thank you.
... View more
FAQ: RSA Authenticator 4.3.x on iOS issues Date: 20th September 2023
What are the issues occurring in RSA Authenticator 4.3.X on iOS?
In certain circumstances, impacting only a few users, installing or upgrading to RSA Authenticator V4.3 for iOS may result in users being unable to use the application, with the following notice prompts:
This error message is misleading. This occurs on RSA Authenticator 4.3 and 4.3.1 when a user sets up a new device or resets an existing device to factory state, and subsequently (from either state) restores the device from backup. For security reasons, credentials are not part of the backup and restore process. Any newly installed application (i.e., not an update) will never include credentials; these must always be re-installed after such a new installation.
V4.3.2 partially corrected the above issue and the error message presents as follows:
When these users continue to import credentials in the app, they could run into one of the below errors:
What are the root causes of these issues?
Root Cause 1: Race condition between Apple protected resource availability and RSA Authenticator App initialization.
Root Cause 2: RSA has implemented extra security measures, relying on unique security information present on this device, which cannot be backed up. When an iOS back-up is restored, there is a mismatch between the information part of the backup, and the unique security information on the device. Note: this may occur with users getting a new device or resetting the current device to factory settings.
Combination of the two above.
What has been done to correct these issues?
RSA Authenticator V4.3.3 for iOS includes the following:
Better handling of the race condition mentioned above.
Improved handling of restore from backup with the following error message when the user needs to import credentials again.
Instructions when restarting the app will likely resolve the underlying race condition. Users should be advised of the following steps if you are working with them.
Restart the app. In certain edge cases, this could resolve the issue.
Provide the user with the option to ‘reset the app’, which will initiate a database reset in the application, resolving the issue. The user will then be able to import new credentials into the application, via the same process applied to new users, or to existing users switching to new devices.
What are RSA’s Recommendations for Next Steps?
RSA is currently working with customers to field test V4.3.3. General Availability is expected by September 22, 2023, pending Apple approval
RSA does not expect to restart gradual App auto updates before the week of September 25, 2023.
Any users switching to a new iOS device will need to immediately manually update to RSA Authenticator App v4.3.3 once it is available in the Apple App Store.
For any other users who are still experiencing the issues mentioned above, we recommend they immediately manually update to RSA Authenticator App v4.3.3 once it is available in the Apple App Store.
What about RSA Authenticator on Android?
The Android version of the RSA Authenticator application is not impacted by these issues, which are specific to iOS. Having confirmed that the issues mentioned above do not impact the Android version of the Authenticator, RSA is now resuming the rollout of V4.3 for Android.
... View more
Dear all We use the PAM Agent with RSA Secure ID with OL7 systems with local linux users. (works fine). Now we building up a new environment with RHEL8 systems which are attached to an AD (over sssd). Does the PAM Agent support such an environment? Users in AD and RSA secure ID login over ssh? man thanks in advance regards Joe
... View more
Hi, In our workflow the first time a new user connects to mypage to register a device, they need an "Emergency Access Code" generated by an administrator (helpdesk role). Unfortunately new enabled users won't appear in the "user management" till the identity source is not synced and as documented here https://community.rsa.com/t5/securid-cloud-authentication/administrative-roles-for-the-cloud-administration-console/ta-p/622895 the helpdesk adminsitrator user cannot sync the cloud console with the identity source. This makes the process to enable a new user (in our workflow) over complicated and I was wondering if there's a way for the super admin to schedule the sync time by the admin console (or using the API), and how to proceed. Of course if you have an alternative idea I'm all ears. Than you
... View more