Auth Code Complexity

Complex

Determines the complexity setting of the auth code, if the complexity was not determined by the email template or (for job collection codes only) the credential profile; for example, when sending a job collection code for a device based on a credential profile that did not have the Generate Code on Request option set, or when viewing an unlock code on screen.

Can be one of the following options:

• Complex – uses the complexity determined by the Complex Logon Code Complexity configuration option. This is the default.

• Simple – uses the complexity determined by the Simple Logon Code Complexity configuration option.

See section 3.4.1, Setting up logon codes.

Auth Code Lifetime

720

The number of hours for which an authentication code is valid for activating or unlocking. To set authentication codes for no expiry, set this value to 0.

See the Requesting an authentication code section in the Operator's Guide or the Sending an authentication code to activate a device section in the MyID Operator Client guide.

See the Unlocking a device section in the MyID Operator Client guide for details of configuring and using authentication codes for unlocking.

Auth Code Lifetime for Immediate Use

120

The number of seconds for which a short lifetime authentication code is valid for activating a device, logging on to collect a job, unlocking a device, or logging on to the MyID Operator Client. To set short lifetime authentication codes for no expiry, set this value to 0.

See section 3.5, Logon using authentication codes and the Signing in using single-use authentication codes section in the MyID Operator Client guide for details of requesting and using authentication codes for logging on to the MyID Operator Client.

See the Sending an authentication code to activate a device section in the MyID Operator Client guide for details of configuring and using authentication codes for activation.

See section 3.4.1, Setting up logon codes and the Sending a collection code section in the MyID Operator Client guide for details of configuring and using authentication codes for collection.

See the Unlocking a device section in the MyID Operator Client guide for details of configuring and using authentication codes for unlocking.

Complex Logon Code Complexity

12-12ULSN[BGIlOQDSZ]

The complexity rule used to generate a logon code when the Generate Code on Request option in the credential profile is set to Complex Logon Code, or the Complexity option in the email template or the Auth Code Complexity configuration option is set to Complex.

It takes the format mm-nnULSN[excluded characters]

mm = min length

nn = max length

U/u = must/may contain upper case (optional)

L/l = must/may contain lower case (optional)

S/s = must/may contain symbols (optional)

N/n = must/may contain numbers (optional)

You can specify any characters you want to exclude because they are difficult to distinguish on screen. For example:

12-12ULN[Il1O0]

generates 12-digit codes that have upper-case characters, lower-case characters, and numbers, but will not include the letter upper-case letter I, the lower-case letter l, the number 1, the letter O, or the number 0; you should be able to send notifications using these codes using any font without ambiguity.

The default exclusion list [BGIlOQDSZ] specifies letters that are commonly mistaken for numbers. When using this list, you can tell your operators that when reading out the code, if it is unclear whether the character is a letter or a number, to assume that it is a number, as no numbers are excluded.

See section 3.4, Logon using codes for details.

Logon Code Lifetime

720

The number of hours for which a logon code is valid for collecting a job. To set logon codes for no expiry, set this value to 0.

See section 3.4.1, Setting up logon codes and the Sending a collection code section in the MyID Operator Client guide for details of configuring and using logon codes for collection.

Simple Logon Code Complexity

12-12N

The complexity rule used to generate a logon code when the Generate Code on Request option in the credential profile is set to Simple Logon Code, or the Complexity option in the email template or the Auth Code Complexity configuration option is set to Simple.

It takes the format mm-nnULSN[excluded characters].

mm = min length

nn = max length

U/u = must/may contain upper case (optional)

L/l = must/may contain lower case (optional)

S/s = must/may contain symbols (optional)

N/n = must/may contain numbers (optional)

Optionally, you can specify any characters you want to exclude because they are difficult to distinguish on screen. For example:

12-12UN[I1O0]

generates 12-digit codes that have upper-case characters and numbers, but will not include the letter upper-case letter I, the number 1, the letter O, or the number 0; you should be able to send notifications using these codes using any font without ambiguity.

See section 3.4, Logon using codes for details.