search cancel

VIP OTP security code out of sync

book

Article ID: 175691

calendar_today

Updated On:

Products

VIP Access for Desktop VIP Access for Mobile

Issue/Introduction

Error: The OTP you provided is within the Sync window, but outside the Look Ahead Window. This operation requires a second consecutive OTP. 

Cause

This error can happen when the time of the device generated by the security code becomes out of sync from previous codes used. If the security code drifts outside of the acceptable parameters set by the VIP Administrator, this error will occur. It can happen when end-users travel and change time zones frequently but the device may not update, and they are not syncing time to an Internet Time provider. This can also occur when the device time is losing or gaining time. 

For more information about out-of-sync credentials, see here.

Resolution

A reset can be done from within the VIP Access Desktop app by following these steps

  1. Open VIP Access Desktop
  2. Click on the icon in the top-left of the application window and select Settings.
  3. Click Reset

For other credential types such as VIP Access for Mobile and hard tokens, follow these steps:

  1. Go to https://vip.symantec.com/.
  2. Click on Test on the page.
  3. Enter the Credential ID in the provided field.
  4. Click Continue.
  5. Generate a security code on the device and enter it into the provided field. If the credential is working properly, a success message will appear. If there is an issue, a prompt will appear to enter the next consecutive security code to re-sync the credential.
  6. If the problem persists, or comes back repeatedly/too soon, then it is recommended to remove the credential from the local device and re-install to generate a new Credential ID.

As a VIP Administrator, if you wish to change the predefined security level parameters, you can adjust the settings in several ways. From within VIP Manager, click Account > Credential Security Settings > Choose Validation Type and choose change settings. Default Credential Security settings are Medium (users can enter security codes that are up to 5 minutes ahead of behind the validation server's clock).  A Security Level of Low allows users to enter security codes up to 32 minutes ahead or behind the validation server's clock. Levels can also be set manually from within these settings. For additional information, refer to the online help from within VIP Manager.