Chapter 7: Using the SafeWord 2008 Management Console
Managing authenticators
135
Modifying token profiles
This section describes how to modify token profiles, editing attributes such as
their strength, group, etc.
To modify an existing token profile, do the following:
1
Select
Find > Authenticator Profiles > Software/Hardware Authenticator
.
2
Select
Find all available
, then click the
Find
button (or use
Find all that
match
,
and enter specific criteria).
3
Select the desired profile, right-click and choose
Edit
.
Figure 81:
Edit
Hardware Authenticator
windows (event
synchronous left, Alpine
time and/or event
synchronous right)
4
Set the
Authenticator Strength
for this profile.
Authenticator strength sets the numerical value for this authenticator type.
It can be used by the Authentication Engine
to determine whether sufficient strength exists to access a resource pro-
tected by a fixed numerical strength.
Tip: Assigned strengths should reflect how effective you perceive this type of
authenticator to be. You may give this profile a higher strength if you also increase
the minimum password length, and set passwords to expire in a shorter length of
time.
5
Select a group for this profile from the
Admin Group
list.
Note:
You can view the properties for this group by clicking the View button next
to the Admin Group field.
6
The Display Name field allows you to customize the field your users will
see when they enter their passcode. Enter your user’s authenticator type.
7
Enter any supportive or defining comments in the
Comments
field.
8
For Alpine
Time and/or Event-Synchronous
tokens, the
Additional
Options
fields allow you to set the following token synchronizing values
(see “Resynchronizing hardware tokens” on page 133):
–
Sync Window: (time sync)
the time span (plus/minus, in minutes)
beyond current time in which an un-synchronized token will still
authenticate, or
(event sync)
the number of token button presses
(events) before the token becomes unsynchronized.