New PINs and On-Demand Tokencodes for Authentication Agents and RADIUS Clients
On-demand tokencodes always require a PIN. As a result, an administrator cannot clear the PIN of a user with an on-demand tokencode without assigning a temporary PIN. The user experience of changing the PIN of an on-demand tokencode depends on the method used to request the tokencode.
For a tokencode requested through an authentication agent or RADIUS client:
The user attempts to access a protected resource, and the agent prompts the user to enter a User ID and passcode.
When prompted for the passcode, the user enters the current PIN, which could be an expiring PIN or a temporary PIN assigned by the administrator.
The agent prompts the user to enter a new PIN and to confirm the new PIN.
The user enters a new PIN and confirms the new PIN.
The agent prompts the user to enter a passcode.
The user enters the new PIN.
AM sends the on-demand tokencode to the user.
When the agent prompts the user for next tokencode, the user enters the received on-demand tokencode.
Related Articles
Educating Your Users Number of Views RSA SecurID Authentication Agent 8.1 for PAM Release Notes (French) Number of Views Configure an IPv4/IPv6 Agent Number of Views Add a Password Dictionary Number of Views Delete a Persistent IPv4 or IPv6 Static Route Number of Views
Trending Articles
How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle Troubleshooting AFX Connector issues in RSA Identity Governance & Lifecycle RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager Upgrade Process
