Authenticator Expiration Time

The authenticator expiration time defines a particular date and time when an authenticator expires and can no longer be used for authentication. This will enable administrators to have more control over which authenticator is active or not. An authenticator will not validate authentications after the expiration time.

Setting the authenticator expiration time

The expiration time is defined when the authenticator is assigned.

Individual assignment

The expiration time is defined during assignment.

Bulk assignment

The expiration time is defined during assignment.

Auto assignment

The expiration time is based on the expiration period in the policy. The expiration time will be calculated as the current date and time plus the expiration period defined in the policy. This may result in an expiration time and time which is not the end of the day.

Editing the authenticator expiration time

An administrator can edit the authenticator expiration time manually using the Administration Web Interface.

An authenticator expiration time may be added to existing assigned authenticators using the manual editing methods mentioned above. The authenticator expiration time may be changed to any date in the future.

Removing the authenticator expiration time

Authenticator expiration times can be removed by clearing the Expiry Date field on the authenticator management screen in the Administration Web Interface. An authenticator that has already expired will regain all its functionality if the expiration time is removed.

When an authenticator is unassigned the expiration time is cleared. If the authenticator is reassigned, a new expiration time can be allocated.