User`s guide
3. Token Initialization /
Configuring Advanced Initialization Settings
SafeNet Authentication Client (Mac) User’s Guide, Rev. Revision B, ©2012 SafeNet, Inc.
44
RSA key secondary
authentication
An authentication password may be set for an RSA key. If this option is used, then in
addition to having the token and knowing the token's password, accessing the RSA
key requires knowing the password set for that particular key.
This option defines the policy for using this secondary authentication of RSA keys.
Always: every time an RSA key is generated, you are prompted to enter a
secondary password for accessing this key. Clicking OK generates the key and uses
the entered password as the secondary RSA password for that key. Clicking Cancel
causes key generation to fail.
Always prompt user: every time an RSA key is generated, a secondary password
for accessing this key is requested. However, the user can choose to dismiss the
prompt (by clicking Cancel), and key generation will continue without using a
secondary password for the generated RSA key.
Prompt on application request: this enables applications that use secondary
authentication for RSA keys to make use of this feature on the token (when
creating the key in Crypto API with a user protected flag).
Never: secondary passwords are not created for any RSA key and the
authentication method uses only the token password to access the key.
If the token was initialized as Common Criteria and the secondary authentication
Always
,
Always prompt user
or
Prompt upon application reques
t, then the secondary
authentication setting cannot be changed to
Never
or
Token authentication on applica-
tion request
. This limitation applies to Common Criteria certificates only.
Manually set the number
of reserved RSA keys
Set the number of reserved RSA keys. This ensures that there will always be memory
available for this number of keys.
Field (Cont.) Description (Cont.)