Chapter 7: Using the SafeWord 2008 Management Console
Managing authenticators
133
3
Locate the user to whom you will be assigning a token, right-click the
user’s name and select
Edit
to display the
Edit User
window, then click the
Authenticators
tab and the
Pick authenticator
button.
Tip: If some of your users will share a token, assign the same token serial
number to each user who will share it.
Figure 79:
Edit User
Window
4
Select a SafeWord token, and enter its serial number in the
Serial Number
field of the Edit Serial Number window.
5
If you will be assigning a SoftPIN to this user, enter a four-digit PIN in the
SoftPIN field. Otherwise, leave the field empty.
Requiring a PIN with a user passcode adds a second layer of security to
your system. If you will require users to authenticate with a token passcode
and PIN, they must append the PIN to the end of the passcode. If they do
not know their PIN, they will be denied access.
6
Click
OK
.
7
Distribute the token to the appropriate user(s). Be sure to tell them if they
will need to append a PIN to the end of their passcode.
8
Repeat the procedure for each SafeWord user.
Resynchronizing hardware tokens
If a SafeWord token gets out of synchronization and its generated passcodes
are rejected, it will need to be resynchronized by doing the following:
1
Locate and right-click on the user to whom the token is assigned, click the
Edit...
button in the
View User: (username)
window.
2
In the
Edit User: (username)
window, click the
Authenticators
tab, then
highlight (click) the token you want to re-sync, then click the
Re-sync...
button to display the Re-synchronize Authenticator window (see Figure
80).