Users with RSA SecurID tokens can use Hitachi ID Password Manager for PIN reset or to clear forgotten PINs, to resynchronize their token clock with the RSA Authentication Manager, to enable or disable their token and to get emergency access pass-codes.
Password Manager can validate current token pass-codes using either a RADIUS service or using the RSA Authentication Manager connector, installed on the Password Manager server. Users can sign into Password Manager with this form of authentication, rather than passwords, security questions, etc.
Password Manager can manage RSA SecurID tokens, with operations such as clear PIN, PIN reset, enable or disable token, set or clear emergency access mode and clock synchronization. These operations are available both in self-service web or interactive voice response (IVR) or to a support technician.
For RSA ACE servers with version numbers earlier than 7.0 SecurID token management depends on an administrative API (apidemon) which is only available locally on the RSA Authentication Manager. As a result, a local Password Manager connector is mandatory on the RSA Authentication Manager. This connector is available for Windows, Solaris and HPUX.
For RSA ACE 7.0 and later RSA introduced a secure remote API to perform these functions and as such no Hitachi software need be installed on the SecurID server.
Watch a Movie
RSA SecurID Self-Service Token Support
- A user has forgotten the PIN for his RSA SecurID token.
- Using self-service, he can choose a new PIN.
- Token PIN reset is more commonly accessed via telephone, since tokens are often used to establish a VPN connection.
- Other self-service options include issuing emergency access codes and disabling the token (e.g., if it was lost).