In early 2011, RSA reported security breaches involving SecurID tokens. RSA reports no compromise of information relevant to NASA. However, NASA has decided to implement additional security measures within our RSA SecurID token infrastructure.
Automated E-mail Notifications
Effective July 25, 2011 at 11 p.m. EDT, users receive an automated e-mail notification each time they use their RSA SecurID token to login to a NASA application or service (i.e., Virtual Private Network). The message specifies the date and time logged in using the token.
NOTE: This is a temporary safeguard which will remain in place until the RSA SecurID tokens are replaced across the Agency.
New PIN Requirements
The Agency has introduced new requirements for SecurID Token PINs. Your PIN must be exactly 8 alpha-numeric characters (must contain both letters and numbers), but no special characters (i.e. @, #, $, !, etc.). If your current token PIN does not comply with this new requirement, you will be required to change your PIN when you pick up your new token.
Replacement of Tokens
NASA will be replacing all SecurID tokens throughout the agency. You will be sent an e-mail notice alerting you to when you may exchange your token. (Some users whose tokens have recently expired have already received a new token.) If you receive notification that your token is due for replacement, you must exchange it in order to retain access to many NASA HQ applications and systems, including the Virtual Private Network (VPN), Secure Nomadic Access (SNA), and the HQ Wireless Network. The token e-mail notice will contain specific instructions as well as dates and times you may exchange your token. If you require assistance, send an e-mail to HITSS Customer Support Team or call 358-0650.
New Login Security Safeguard
Effective November 16, 2011, if you enter your PIN incorrectly more than 5 times, your token will be disabled. To re-enable your token, you must contact the Enterprise Service Desk. You may submit a ticket online, send an e-mail, or call 358-HELP (4357).