RSA Authentication Manager 7.1 Administrator's Guide - IT Services ...
RSA Authentication Manager 7.1 Administrator's Guide - IT Services ...
RSA Authentication Manager 7.1 Administrator's Guide - IT Services ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Clearing PINs<br />
<strong>RSA</strong> <strong>Authentication</strong> <strong>Manager</strong> <strong>7.1</strong> Administrator’s <strong>Guide</strong><br />
You need to clear a user’s PIN if the user has forgotten it. When you clear a PIN, the<br />
current PIN is deleted so that the user can create a new one.<br />
When a PIN has been cleared, the user is prompted to create a new PIN on the next<br />
authentication attempt. Similar to what happens to users who are authenticating for the<br />
first time, the user initially enters their current tokencode only. Upon successfully<br />
entering the tokencode, the user is prompted to create and then confirm a new PIN.<br />
The new PIN is then associated with the token.<br />
Note: Encourage users to create PINs containing both letters and numbers, as they are<br />
more secure. You can also set PIN requirements in the token policy. See “Setting<br />
Token Usage Requirements” on page 51.<br />
For example, assume that you are a system administrator and one of your users calls.<br />
It has been months since the user has made an authentication attempt, and she has<br />
since forgotten her PIN. The user asks you to clear her PIN so that she can create a<br />
new one. After verifying the user’s identity, you clear the PIN. Tell the user to enter<br />
her tokencode when prompted for her passcode on the next authentication attempt.<br />
After entering the tokencode, the user is prompted to create a new PIN.<br />
To use the Security Console to clear a PIN, select the Clear SecurID PIN option on<br />
the token Context menu.<br />
For instructions, see the Security Console Help topic “Clearing an <strong>RSA</strong> SecurID<br />
PIN.”<br />
Note: Users can also use Credential <strong>Manager</strong> to reset their PIN.<br />
<strong>RSA</strong> SecurID SID800 Authenticators<br />
Users with SID800 Smart Cards need a PIN Unlocking Key to access their token if<br />
they have forgotten their PIN. You can view the PIN Unlocking Key on the Token<br />
Properties page in the Security Console.<br />
For more information, see the Security Console Help topic “Obtain the<br />
PIN-Unlocking Key for a SID800 Smart Card.”<br />
Note: You must load the SID800 Smart Card data into <strong>Authentication</strong> <strong>Manager</strong> before<br />
you can view it. To load the data, use the “Import PIN Unlocking Key Utility” on<br />
page 269.<br />
104 4: Administering Users