4 Replies Latest reply: Oct 19, 2011 10:46 AM by jverdin RSS

Authentication method failed, passcode format error

jverdin

Scenario,  Radius is setup and LDAP is configured on my RSASecureID appliance.  I added a user from AD, link the account to a token and added that user to a local group with access to the agent tied to the Radius client.  I receive the following error when trying to login: Authentication method failed, passcode format error, Please help

 

Thanks,

  • 1. Re: Authentication method failed, passcode format error
    glennwilliams

    passcode formate error is too many or too few characters in your passcode.

     

    There are two usual causes in your situation:

     

    1. You are entering too many or too few characters as your passcode (you can test by setting up a fixed passcode (find the user and select authentication settings. You can set it to allow and then set the static passcode).

     

    If you're auth fails for the same reason with a static passcode, then the issue is likely:

     

    2. The shared secrets do not match between the RADIUS agent and the client entry on the RADIUS server. With RADIUS the passcode is hashed. If the shared secret does not match you will end up with a long string of characters as your passcode presented to the server, which will fail with the passcode format error.

     

    Glenn

  • 2. Re: Authentication method failed, passcode format error
    jverdin

    A fixed passcode is similar to a password. Instead of using a SecurID PIN and tokencode to authenticate, a user can enter a fixed passcode to gain access. RSA recommends that you do not use fixed passcodes because they eliminate all the advantages of two-factor authentication.  I’m trying to implement two-factor authentication.  I tried both your suggestions and it still giving me the same error… Thanks,

     

  • 3. Re: Authentication method failed, passcode format error
    glennwilliams

    I wasn't suggesting you continue to use the fixed passcode, just use it to help isolate the problem.

     

    If your fixed passcode failed with a passcode format error then it sounds like you have a shared secret mismatch. This wouldn't happen to be a Nortel Contivity, would it?

  • 4. Re: Authentication method failed, passcode format error
    jverdin

    Ok.. the passcode works followed by the token code. How can I replace the passcode with AD password and then the token code?