Softpanorama

May the source be with you, but remember the KISS principle ;-)
Home Switchboard Unix Administration Red Hat TCP/IP Networks Neoliberalism Toxic Managers
(slightly skeptical) Educational society promoting "Back to basics" movement against IT overcomplexity and  bastardization of classic Unix

SecureID Token Activation

Contents
  1. Introduction
  2. Token usage
  3. Typical User Problems 
  4. Token Activation

 

Introduction

You now have a SecureID token assigned to you and your Unix shell was changed to a SecureID shell.

To authenticate yourself to the system you should now use the same login name as before and a passcode instead of password.

 

Passcode = PIN + one_time_password

Before you start using the token, it needs to be activated (see below) by setting your PIN.

Please understand that the token generates only a one-time password, not the whole passcode. The passcode consists of two parts PIN and one-time-password generated by token that should be entered one after another without any delimiters in between:

The first time you enter your userid on a Unix box with the SecureID installed you should see the prompt

Enter PASSCODE

instead of the usual

Enter password.

That prompt means that your authentication will now be performed using a SecureID token. Before you start using the token, it needs to be activated (see below).

Token usage

After that each time you use the token you need to enter a passcode (PIN + one_time_password). When using the SecureID token:

  1. Please do not forget that the passcode consists of a PIN and a one-time password generated by the token. You need to put your PIN first and then the 6-digit one-time password.

  2.  
  3. Each one-time password is valid to one minute only. You cannot put old password if you write it down or remember it after the password changed on the token. At the beginning I recommend waiting until a token generates a new one-time-password and only then start enter you PIN and this password.   
     
  4. If you entered the wrong passcode (for example novices often forget to enter the PIN, or generated one-time password changed before you finished to enter it), please wait until token generate next one-time password and then try again. 
     
  5. The token generates one-time-passwords. If you try to open two or sessions one after another, you need to wait until a new passcode will be generated. So opening three sessions need approximately 3 minutes. You cannot use the same passcode for two logins.

  6.  
  7. Detachable keychain or to pull out cord is probably the best option. A small necklace pouch can also be used. Your mileage may vary. In any case please try not to forget your token at home. In this case you will need a replacement token to be issued.
     

Typical User Problems 

  1. New SecureID users often forget to enter the PIN before the one-time password. If they enter generated one-time password twice they are put into "next passcode mode", see below.
     
  2. New users have difficulties understanding that one-time password is active for one minute only and that you should wait for the next password to be generated by the token, if the first one was rejected by the system. The same is applicable if you need to login to several servers: you cannot use the same token-generated sequence of 6 digits twice.
     
  3. If the user have entered the wrong passcode twice, he/she will be automatically put into so called "Next password mode". The latter means they will be prompted for next one-time password generated by the token, often they entered the first correct PIN+one-time-pasword combination. The second generated by the token one time password should be entered without a PIN.
     
  4. If you telnet to the server and get regular prompts for the username and password, then you need to contact the Unix admin for the box to install SecureID shell for your account.
     
  5. If a user forgets its PIN the PIN needs to be reset.
     
  6. You cannot initialize your token using ftp. Please use telnet to do so. 

Token Activation

The very first time you use your token, you need to connect to the system using telnet, not ftp. The selection of your own secret PIN in the telnet session is called token activation. It is performed only the first time you use the token. This is a multistep process but the description below looks more complex than it actually is. You just need to be careful, and follow the instructions below step-by-step:

  1. User action: Open the telnet session with any server that has your  SecureID account

    System action: You will get the usual login prompt
     

  2. User action: Please enter your login id

    System action: The system should display prompt Enter PASSCODE instead of Enter password.

    jklIf you do not see this prompt please contact your system administrator.

  3. User action: Please enter the 6 digit number (one-time password) displayed on your token
  4. .

    Note: At this time you do not have a PIN yet, that means that your PASSCODE will be just the 6 digits displayed on your token.)

    System action: You should get prompt "Enter PIN"
     

  5. User action:  Choose a combination of four to eight (4-8) letters and numbers that is meaningful to you and enter tham as you secret PIN.

    You can use one of your PINs for other cards to save yourself from memorizing yet another one. In any case try to avoid using birthdays or phone numbers, which can be easily discovered.

    System action: You should get a prompt to reenter your PIN again.
     

  6. User action: reenter the same PIN you chose on the prev step.

  7.  System action: The system will display the prompt "Enter PASSCODE" again.
     
  8. User action: This time you need to enter  both the PIN and generated one-time password ( passcode)
  9. Once you have set your PIN, the PASSCODE will become your PIN followed by the token display.

    Passcode = PIN + one_time_password (generated by token)

    Example:

    Your PIN:  1234  This is actually a bad PIN
    Token Code (one time password)  539825  
    New Passcode:  1234539835  Note that PIN is a prefix in the passcode

    Please also note that although the token display will change, your PIN will always remain the same.

  10. At this point you are done and you should get the system prompt. If you entered a combination


    PIN + one_time_password

    incorrectly and the system complained, please wait until one time password will change on the token (they are not reusable, they are really one-time). That also means that you cannot login to two servers using the same 6-digit one-time-password. You need to wait for the next one-time-password to login to the second server.

    You cannot login to two servers using one generated by a token 6 digit one-time-password. You need to wait for the next one-time-password to login to the second server.

    You do not need to repeat activation to other servers. They are activated automatically as soon as you activate the first server. And you need to enter Passcode=PIN + one_time_password (generated by token) combination when prompted for the PASSCODE on those servers. Just 6 digits from the token will not work.


Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D


Copyright © 1996-2021 by Softpanorama Society. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to to buy a cup of coffee for authors of this site

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March 12, 2019