The secret key is a unique 16 character alphanumeric code that is required during the set up of the PIN generating tools. When a secret key is lost or compromised, the administrator can delete the key.
After the key is deleted, users can access the new secret key based on the following interfaces they log on for the first time:
-
Command Line: An email containing a new secret key is sent to the user.
-
Command Center, CommCell Console, and Web Console: A new QR code along with the secret key is displayed on the login page.
Scenarios that require reissuing the secret key:
-
The user deleted or lost the secret key before using the key in the PIN generating tools.
-
The user accidentally shared the secret key with other users.
Procedure
-
From the command prompt, navigate to software_installation_directory/Base.
-
Log on to the CommServe using the
qlogincommand.After performing the qlogin operation, execute the qscript. For more information, see qoperation exescript.
-
Run the following command to delete a secret key for a user:
qoperation execscript -sn QS_DeleteTFASecretForUser -si @user='userName'where userName is the login name of the CommCell user who requires a new secret key.
-
Notify the user that a new secret key is required the next time he or she logs on to the CommCell.
Alternatively, on Command Center, click the action button 
across the user name who requires a new secret key, and then click Reset Secret Key.