Error during a reset operation on the 3SKey portal

Error message during a reset, or token detection issue on the Setup for Reset screen

When you are logged in with an administrator token on the 3SKey portal and you prepare a token for reset, you may get an error message if you are using an outdated version of the 3SKey software. If a previous reset operation was interrupted it's also possible that the token cannot be selected for reset on your next attempt.

If you are encountering a specific error code please refer to the following sections:

• "The current password is incorrect. Your session will be closed."
• Error 00050
• Error 00057
• Error 00842

Specific error messages:

"The current password is incorrect. Your session will be closed."

This error can show during a reset operation if your unique ID has been recovered or renewed on a token provided by a different bank than that that provided your original token. To resolve this you must change the temporary password of your token using the Safenet Authentication Client Tools software. In the Safenet software, click on Change Token Password, enter the current temporary password, and change it to the default initial password that was provided with the current token. You can then use this password to login and proceed with the reset. A fix will be deployed through a future portal release.

Error 00050: The token cannot be activated

This error can show during a reset operation if your unique ID has been recovered or renewed on a token provided by a different bank than that that provided your original token. To resolve this issue your administrator must setup the token for reset again, and set the temporary password to the default initial password that was provided with the current token. You will then be able to proceed with the reset. A fix will be deployed through a future portal release.

Error 00057: Please update the 3SKey software to the latest version, and ask your administrator to setup the token for reset again.

This error can show when a token was activated or reset previously using a non supported version of the 3SKey software. To resolve proceed as follows:

1. On the computers of 3SKey users and admins, verify with help of your system administrator that there are no pqOwner or pqModifiable values in the Windows registry, under the keys
   [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\SafeNet\Authentication\SAC\PQ]
   [HKEY_CURRENT_USER\SOFTWARE\SafeNet\Authentication\SAC\PQ]
   Delete pqOwner and pqModifiable if present.
   
2. Verify in the list of installed programs that you have SWIFT Token Client 4.1 or higher and Safenet Authentication Client 10.7 or higher. If that is not the case Update the 3SKey software.
3. Important: Your 3SKey administrator must setup the token for reset again.

Error 00842: Token Initialization failed

This error during a setup for reset operation by an administrator can result from a PIN policy configured on the token that is higher than the PIN policy currently defined on the group. As a workaround, select a password that complies with the PIN policy level 12 (twelve characters password minimum with lower and upper case letters, at least one number, and at least one special character) during the setup for reset operation. After the reset is finalized you will be able to change the token password to a password that is compliant with the current group PIN policy.

Troubleshooting procedure:

The troubleshooting procedure requires that you have an activated and working administrator token, in order to reset the problematic token after cleaning it.

Click here to show the details of the troubleshooting procedure.

For any other issue during a reset please follow this procedure to cleanup the token before you reset it again on the 3SKey portal. The procedure will empty the token content. The reset operation on the portal will then recreate the token certificate. Kindly note that a same 3SKey token can only be reset a maximum of 5 times and that a token that is expired, revoked or in renewal window cannot be reset.

1	Check that you are using a recent version of the Safenet software

Right-click the icon in the notification area at the bottom right of your display, and click About.

Check that the version is 10.7 or higher.

If you have an older version you need to update the software as indicated on How to update your token software?.

2	Cleanup the token

Follow exactly all steps below. You must use version 10.7 or higher of the Safenet software. Ensure you have an administrator token available to reset the token after it has been cleaned up.

1. Insert only the token that you need to reset. Make sure you remove the administrator token
2. Open Safenet Authentication Client Tools from the main menu of Windows

3. Click Advanced View

4. Click Initialize Token

5. Select « Configure all initialization settings and policies » and click Next

6. Uncheck « Token password must be changed on first logon » and enter the password Abcd1234 in all 4 password fields, then click Next

7. Change Must meet complexity requirements to « At least 2 types » then click Next

8. Select « Enforce FIPS settings » if applicable and/or click Finish

If you see the option « Enforce FIPS settings » then you must select it, then click Finish. If the token is of a recent model (smaller with a blue led) then you’ll get a different screen, simply click Finish. Do not modify any setting past this page.


9. Click Ok in the warning message to start the Initialization

3	Reset the token again on the 3SKey portal

Plug the administrator token back in and login to the 3SKey portal. Follow the reset procedure again. During the Setup for Reset step we recommend to set the temporary password to the default initial password that was provided with the token.