Understanding RSA Secureid

Hi I am trying to understand RSA Secureid. Here is a token, which can provide random digit number for us to login onto a server with something like username and passcode. For example, the token has 20 numbers, each of 20 has registered with the server already. and different token has different 20 number. so when logging to server, the server will decide if we can logging based on the one of 20 numbers that has registered and username and passcode, right? Thank you.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pete LongTechnical ConsultantCommented:
The token generates a new number every 60 seconds, this number is mathematically linked to the serial number of the token itself, and to the time.

The authenticator can use some very complicated maths to check your response to make sure the number you entered is the number that currently displayed on the token, this fulfils the 'something you have' i.e the token. To fulfil the  'something you know' you supply a passcode, which the authenticator also knows is yours, if it gets them both, then you will be allowed access.
eemoonAuthor Commented:
Thank you for your reply. so the server how to know whether the number that i entered is the number that I got from the token?
btanExec ConsultantCommented:
Token codes cannot be re-used. The Token hardware cycles those codes every 60 seconds. Once a code has been used you must wait for the display to change the tokencode in order to login elsewhere.

Actually the technicalities for SecurID is that it is using the algorithm called TOTP(Time-Based One-Time Password Algorithm), a hash algorithm. In short, the recycling go through using as unique key called a seed, that combined with the current time in 60 second steps refreshes the code.

What you see on the Token is called Token Code that recycles while you will also have a secret called PIN that does not recycle based on the time. These two information  is normally used for login. E.g. Users enter their RSA SecurID username and passcode in the RSA SecurID login dialog box. An RSA SecurID passcode typically consists of a PIN followed by a token code.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.