Set a Temporary Password

If a user has lost or forgotten their authentication device, the Help Desk can assign a temporary password. The Help Desk also can remove a temporary password assignment that has not yet expired, or set one that lasts indefinitely.

Note: You can disable Help Desk’s ability to assign static passwords. Select Tools, point to Options, then click Help Desk (tab) to disable the Help Desk’s temporary password feature.
  1. In the tree in the left pane of the Administration Console, Select Help Desk, then search for a user via the drop-down list of LDAP queries. Optionally, search for a user by entering a User ID or Device serial number in the appropriate field.
  2. Select the user from the Search Results displayed, and the click Help Desk. The Help Desk dialog box is displayed.

  3. Click Temporary password.

    Note:  

    • The Show Password option can be used to hide or display the temporary password at any time.

    • If you want the AAA Server to control the password, do NOT select Use LDAP User Password. Then, either:

      • Enter and confirm a temporary password in the appropriate fields.
        By default, the Show Password option is not checked to avoid any security risks should someone be able to view your screen. To view the entered password, verify that your screen cannot be seen and select Show Password.
      • Click Generate Password to randomly generate a temporary password.
        The Show Password option is enabled and the generated password is displayed.

    • If you want the AAA Server to accept an LDAP static password, select Use LDAP User Password.
      The LDAP password option permits you to enable an LDAP static password without knowing what it is.

      Note: If you select the Use LDAP User Password method for assigning a temporary password, the fields for choosing and confirming a password by yourself become unavailable.

  4. To change the default duration, use the Duration options, Remove or One Connection, or use the drop-down For menu.

    • Remove - deletes a temporary password previously assigned.
    • One Connection - the user can use the password only once.
    • For "x" Minutes, Hours or Days - enter the number of minutes, hours or days the temporary password is valid.

  5. Click OK.

    The expiry value is displayed in the local time. However, is it managed by the AAA Server as the GMT time to allow the geographical consistency between multiple servers.

    When the duration expires, the AAA Server automatically re-applies the user’s previous authentication settings.

Important: All other authentication methods are unavailable until this temporary credential expires or is disabled by the Help Desk (or by the user himself, using the Web Self Help Desk).