Idea Details

OTP PIN RESET FUNTIONALITY CHANGE

Last activity 04-11-2018 12:41 AM
Anon Anon's profile image
12-17-2014 02:09 AM

Requirement: When end user resets PIN using Forgot my PIN option, He should be able to generate the OTP using old account in client software. i.e.,

Present Scenerio

  1. User clicks on Forgot PIN
  2. User receives an security code on registered email
  3. User enters the Security code and recreates new PIN in the Secure Cloud server.

UPTO THIS EVERYTHING IS FINE AS THIS IS HOW OTP SHOULD WORK BUT UNFORTUNATELY

THE BELOW STEPS FOLLOWED ON.

  1. User receives OTP activation email
  2. User has to start from scratch and all the work done in the past must be reproduced,

Instead we need

  1. User clicks on Forgot PIN
  2. User receives an security code on registered email
  3. User enters the Security code and recreates new PIN in the Secure cloud server.
  4. User enter new pin in client software (Here no need a new activation mail. Instead user enters the pin in old account)
  5. User login to environment using Username and OTP

 

The OTP functionality should have no relation with the end users OTP software, except that the soft token is imported for the first time. The PIN should only be known to the WIC server, and if the passcode generated by the user using his client software matches that of server, then the user should be logged in.


Comments

03-16-2017 08:03 AM

This is under review by the CA Secure Cloud Engineering Team.

12-16-2015 10:24 AM

After review the product team decided to wish-list this idea so that it can be considered for implementation in one of our future releases.