Hi all, we have a need for a new credential type of type RSA SecureIDSo since the token code changes every 60 seconds, it cannot be stored in the password database, but it MUST be prompted for, during every connection.
this consists of a Username and a Passcode.
The Passcode consists of a static user entered PIN and a token code.
The token code is a 6-digit number shown on the RSA keyfob (Wikipedia link below, model SID700) that changes every 60 seconds.
Ideally the combination of Username (can be stored) and Passcode (should be prompted) should result in a RDM credential object we can use in connections, but also be stored in variables so it can be used in connection properties or scripts.
the credential object can be used in multiple connection types as in Remote desktop connection to a server where the RSA SecureID authenticator is installed, or websites requiring RSA MFA.
Note that I'm already using a connection of type Citrix NetScaler that I've configured Always prompt for passcode so it asks me for the Passcode. However this one doesn't work correctly since the passcode and password are swapped: they're entered in the wrong fields in the webpage so can't logon here. (but that is a different issue).
Would you need a password field as well?
thanks for your quick reply.
A username and passcode field would suffice. RSA is using the term passcode to differentiate between that an a password. And the passcode it its turn consists of a static PIN + 6-digit number from the keyfob that changes every 60 seconds.
I've attached 2 images with examples from CyberArk: the first one is the CyberArk website asking for MFA , the second one is the CyberArk PSM server (Windows server) with RSA SecureID authenticator that lets me login with my vault username (= RSA username) and password (= RSA passcode).
But also our F5 VPN is using MFA using the RSA SecureID, and other (often web applications) do this as well..