Unlocking the eToken using Challenge Response

A eToken is locked if the eToken password is entered too many times incorrectly.

If the token had been initialized with an administrator password, eToken Properties provides the ability to unlock it using the administrator password.

If the administrator is present and can enter the administrator password, the token may be unlocked using the eToken Properties Advanced view.

When the administrator can only be located remotely, for example when an employee is out of the office, a Challenge Response authentication method can be employed to unlock the token. In this method, the user contacts the administrator with the Challenge Data from eToken Properties and enters the Response Data provided by the administrator. The user then enters a new password and the token is unlocked.

To unlock a token using Challenge – Response:

  1. In the left pane of the eToken Properties window, select the token to be unlocked.

  2. Click Unlock eToken in the right pane; the Unlock eToken window is displayed.

  3. Contact the administrator and provide the Challenge Data.

Caution: After providing the Challenge Data to the administrator, the user MUST NOT undertake any activities that use the token until after receiving the Response Data and completing the unlocking procedure. If any other eToken activity occurs during this process, it will affect the context of the Challenge – Response process and invalidate the procedure.

  1. The administrator provides the Response Data to be entered.

  2. Enter a new eToken password in the Password and Confirm fields.

  3. Select Change password on first logon if the new password is known to others and must be changed.

  4. Click OK.

The token is unlocked and a confirmation message is displayed.

Note: Response Data creation depends on the backend application being used by the organization. Please refer to the relevant documentation for details on how to generate the Response Data.