Skip to main content

Configure One-Time Use Static PIN

Introduction

Use this guide to configure a one-time use static PIN that will clear the PIN value from the data store after a successful validation of the PIN. This feature applies to both open and non-open PINs and enables the static PIN to be used only one time.

Applies to

SecureAuth IdP Version

OS Version

8.0+

  • Windows Server 2008

  • Windows Server 2008 R2

  • Windows Server 2012

  • Windows Server 2012 R2

SecureAuth IdP Configuration Steps

Note

Select the tab corresponding to the pertinent SecureAuth IdP version

Data

1. In the Profile Fields section, map the PIN Property to a valid attribute in the data store

2. Make this Property Writable to enable the PIN field to be cleared upon successful end-user validation

43981721.png

Warning

Click Save once the configuration is complete and before leaving the Data page to avoid losing changes

Multi-Factor Methods

1. In the Registration Configuration section, select Enabled from the PIN Field dropdown

2. Make a selection from the Open PIN dropdown

If True is selected for an open PIN, the PIN can be non-numeric and is not hashed

If False is selected for a non open-PIN, the PIN must be numeric and is stored using a one-way hash

3. Select True from the One Time Use dropdown

4. Make a selection from the Show When Empt y dropdown

If True is selected, the PIN option appears as a second factor for the end-user regardless of whether or not there is a valid value

Enabling this function allows the end-user to select the PIN option, then contact the organization's help desk to obtain the PIN

43981711.png

Warning

Click Save once the configuration is complete and before leaving the Multi-Factor Methods page to avoid losing changes