Click Browse to select the certificate that you obtained from Symantec VIP Manager.Įnter the password that you used when you obtained the certificate from Symantec VIP Manager.On the Factor Types tab, click Symantec VIP and then click Edit.In the Admin Console, go to Security Multifactor. Obtain a new certificate from Symantec VIP Manager.The expiration date is shown in Certificate details in the Factor Types tab. Certificates are typically valid for two years. Otherwise, the credentials do not expire.Perform these steps if you need to replace the certificate for any reason, such as before it expires. If there is no last validated date (for example, the credential has never been used), VIP uses the date that the credentials were bound to the users.If no users are bound to a credential, the credentials expire only if they are in the ENABLED state and have a last validated date. If users are bound to a credential, the credentials expire after the date configured in this policy, based on the last validated date. Remembered Device (set this expiration in the Remembered Device Policy) The credential expiration policy does not apply to: The credential expiration setting applies to: An administrator can return the credential to a valid status in VIP Manager. Once a credential expires, it becomes inactive and can no longer be used to authenticate a user. Setting Credentials to Expire You can set credentials to expire if users do not use them to successfully authenticate themselves, after a specified amount of time. The expiry time is set to the smaller time period present in all applicable policies. The user is assigned the stricter credential expiration policy, in the order Expire > Never Expire. The maximum credentials allowed is set to the larger of the numbers present in all applicable policies. The user is allowed access to only the credential types enabled in all applicable policies. If a user belongs to more than one group with different Credential policies, the user is assigned the stricter policy using the following rules: The Credentials policy defined at the group level always overwrites the account policy. Settings at the user group level overwrite the account policy settings for members of that user group. You can also customize the Credentials policy at the user group level. To set the Credentials policy for your VIP account:Ĭlick the Edit link to configure the Credentials policy settings. Note: You must also select the credential type or types that you want to allow for this policy in the Enable other credential types policy on this tab, and in the Enable temporary security codes policy on the Policy > Components tab. ![]() ![]() When the user attempts to log in without a credential, VIP obtains the configured out-of-band authentication methods from your identity store and automatically registers them as credentials for authentication. Whether VIP can automatically register a credential for a user using information from your identity store during the authentication flow. If you enable this option, VIP will not send SMS messages and voice calls to numbers outside the United States. Set whether VIP sends SMS messages and voice calls to non-US numbers. For more information, see Setting Credentials to Expire, later in this topic.Ĭhoose whether a credential can be registered to more than one end user within your organization at any one time. Set credentials to expire if users do not use them to successfully authenticate themselves after a specified amount of time. Select how many credentials an end user can have registered at any one time. Your selection does not affect previously-registered VIP credentials that may already be enabled.Įnable other credential types for your end users, including SMS text messages, Voice Calls, and Email messages. If you decide not to enable all VIP credentials by selecting No, you need to de-select the specific hardware and/or software credentials that you want disabled. These credentials include the VIP Security Card, VIP Security Token, and the VIP Access app. This policy allows you to:Įnable hardware and software VIP credentials that your end users can register within the VIP Self Service Portal. You can view and configure the policy for Credentials for your VIP account.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |