Services, such as VPN or SSH, that require RSA SecurID for authentication also require that you install and configure the appropriate client software on your computer to connect to the VPN or SSH service. This guide does not provide information on installing or configuring clients; rather you must visit the VPN or SSH web pages for that information.
RSA SecurID two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator or token—providing a much more reliable level of user authentication than reusable passwords.
To access resources protected by the RSA SecurID system, users simply combine their secret Personal Identification Number or PIN (something they alone know) with the token codes generated by their authenticators (something they have). The result is a unique, one-time-use passcode that is used to positively identify or authenticate the user. If the passcode is validated by the RSA SecurID system, the user is granted access to the protected resource. If not recognized, the user is denied access.
Note: All RSA Tokens (hardware & software) have an expiration date. ITD will contact you with replacement instructions before your token expires.
A hardware token a small light weight plastic device similar to a car remote with a small numeric digital display. This token can be attached to a lanyard or keychain. With the hardware token no interaction with the user desktop is required—that is, you don't have to install or maintain any software. The RSA SecurID hardware tokens are manufactured and sealed with an integral lifetime battery. No user maintenance or battery replacement is required.
BNL employees can use the following methods to set their new token PIN: