The WiKID Authentication Server will now send a configuration file and a copy of the server’s public key
encrypted with the device’s public key.
Your device will decrypt the file and ask for a PIN; use whatever you like. Your PIN will be encrypted with the WiKID
Authentication Server's public key and stored on the server, not on the device! Many soft-tokens store the PIN on the device enabling a brute-force attack.
Once you have sucessfully entered a PIN, the server will return a lengthy registration code. You will need this code to complete the following registration process, but only this one time.
After this you will only need your PIN.
The domain administrator sets the minimum PIN length and the number of times an incorrect PIN can be entered before the
account is disabled.
|