Unlocking the Token using Challenge Response

A token is locked if the token password is entered too many times incorrectly.

If the token had been initialized with an administrator password, SafeNet Authentication Client Tools provides the ability to unlock it using the administrator password.

If the administrator is present and can enter the administrator password, the token may be unlocked using the Advanced View.

When the administrator can only be located remotely, for example when an employee is out of the office, a Challenge Response authentication method can be employed to unlock the token. In this method, the user contacts the administrator with the Challenge Code from SafeNet Authentication Client Tools and enters the Response Code provided by the administrator. The user then enters a new password and the token is unlocked.

To unlock a token using Challenge Response:

  1. In the left pane of the SafeNet Authentication Client Tools window, select the token to be unlocked.

  2. Click Unlock Token in the right pane; the Unlock Token window is displayed.

  3. Contact the administrator and provide the Challenge Code.

Caution: After providing the Challenge Code to the administrator, the user MUST NOT undertake any activities that use the token until after receiving the Response Code and completing the unlocking procedure. If any other token activity occurs during this process, it will affect the context of the Challenge Response process and invalidate the procedure.

  1. The administrator provides the Response Code to be entered.

  2. Enter a new token password in the Password and Confirm fields.

  3. Select Token Password must be changed on first logon if the new password is known to others and must be changed.

  4. Click OK.

The token is unlocked and a confirmation message is displayed.

Note: Response Code creation depends on the backend application being used by the organization. Please refer to the relevant documentation for details on how to generate the Response Code.