When an end-user with multiple assigned credentials manually enters their VIP security code during a login, it is possible for one or more of their credential IDs in VIP Manager to go to a locked state, despite the VIP credential not being used for validations.
VIP Manager screenshot:
During a VIP Validation when an end-user manually enters a VIP security code from their VIP credential, the encrypted VIP username+VIP security code is sent to the VIP Cloud.
When an end-user is assigned one VIP credential ID:
When an end-user is assigned more than one VIP credential ID:
*This value can be adjusted by a VIP Administrator in the VIP Manager portal.
Note: A locked credential affects VIP authentications only when it is used during a login attempt.
- Users with multiple assigned credentials can periodically use a security code from another assigned credential
- Use the VIP PUSH feature. This does not impact a credentials invalid security code counter.
- Enable the VIP Manager policy to enforce a maximum number of assigned credentials. Your organization should decide the max. number of credentials a user can be assigned, and if credentials can assigned to more than one user at a time.
- Enable the Credential expiration policy to automatically remove unused credentials from users. Expired credentials are unassigned from the user and appear as 'inactive' in VIP Manager.