 RSA
SecureID
User Guide
VPN Home
What is RSA SecurID?
RSA SecurID two-factor authentication is based on something you know
(a password or PIN) and something you have
(an authenticator or token)—providing a much
more reliable level of user authentication than reusable passwords.
To access resources protected by the RSA SecurID system, users simply
combine their secret Personal Identification Number or PIN
(something they alone know) with the token
codes generated by their authenticators (something
they have). The result is a unique, one-time-use passcode
that is used to positively identify or authenticate the user. If the
passcode is validated by the RSA SecurID system, the user is granted access
to the protected resource. If not recognized, the user is denied access.
Services, such as VPN or SSH, that require
RSA SecureID for
authentication also require that you install and configure the
appropriate client software on your computer to connect to the VPN or SSH service. This
guide
does not provide information on installing or
configuring clients; rather you must visit the VPN or
SSH
web pages for that information.
-
Hardware Token – Is a
small
light weight plastic device similar to a car remote with a
small numeric digital display. This token can be attached to
a lanyard or keychain. With the hardware token no
interaction with the user desktop is required—that is, you
don't have to install or maintain any software. The RSA SecurID hardware tokens are manufactured and sealed with an
integral lifetime battery. No user maintenance or battery
replacement is required.
-
Software Tokens – Is a small application
that can be installed on a wide range of personal devices.
Software tokens are available for the
BlackBerry Smartphone
and Apple iPhone.
Note: All RSA Tokens (hardware & software) have an expiration
date. ITD will contact you with replacement instructions before
your token expires.
- Read the
Statement on Proper Use of Strong Authentication Tokens.
(pdf)
- Apply for a RSA SecureID token by filling out the
account request form or in person at the
Account Management Office.
- Users will receive an email stating when they can pick
up their
hardware token from the Account Management Office once
their account request form has been processed.
For those who are using the
BlackBerry Smartphone
or Apple iPhone RSA
SecureID software token, please refer to the setup
instructions for each mobile device.
Set Token Pin Number
- BNL employees can use the following methods to
set their new token PIN.
Generic
Login Instructions
- Access a service at BNL that requires the use of a RSA SecureID
token (e.g., VPN client).
- Insert your
RSA SecureID token [username] and passcode [pin
+ 6 digit tokencode]
at the login prompt before the 60-second refresh time.
Users can view the 60-second count down timer on the
left-side of the token display, see below.
Please contact the ITD Helpdesk at x5522 (631-344-5522) or send an email to itdhelp@bnl.gov if you have
questions, concerns or experience any of the following
issues:
- Locked tokens
-
Lost or damaged tokens
-
Dead battery
-
Expired Tokens
-
Changing token pin number
Last Modified: November 8, 2010
Please forward all questions about this site to:
Web Services
|
