AW: Feature request: Initial pincode

We can combine this with the random pin creation and sending of pin letter/notification of the initial pin to the user.
We would need policies to define, that the user should change the PIN of a token.But how should the PIN be marked as must-change-me.
Or better: the pin must be marked as being changed. So we can verify1. Is there a change the pin policy2. Was the pin not yet changed.
Should the pin have the property:1. Set by administrator 2. Created randomly3. Set by user

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797-------- Ursprüngliche Nachricht --------Von: “cornelius.koelbel” <@cornelinux> Datum: 18.06.16 15:19 (GMT+01:00) An: jmdeking jmdekoning@gmail.com Betreff: AW: [privacyidea] Feature request: Initial pincode

Hi,
Where does the user authenticate with the otp?
Does he authenticate to the privacyidea webUI or to some applications?
In the webUI this could be implemented.When authenticating within another application this would still be possible but a bit more complicated.
The validate API could return a detail info, that the user needs to change his password or the token pin.
Kind regards Cornelius

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797

We could add a tokeninfo table entry with the date of the next PIN change.

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797-------- Ursprüngliche Nachricht --------Von: “cornelius.koelbel” <@cornelinux> Datum: 18.06.16 17:49 (GMT+01:00) An: jmdeking jmdekoning@gmail.com, privacyidea privacyidea@googlegroups.com Betreff: AW: [privacyidea] Feature request: Initial pincode
We can combine this with the random pin creation and sending of pin letter/notification of the initial pin to the user.
We would need policies to define, that the user should change the PIN of a token.But how should the PIN be marked as must-change-me.
Or better: the pin must be marked as being changed. So we can verify1. Is there a change the pin policy2. Was the pin not yet changed.
Should the pin have the property:1. Set by administrator 2. Created randomly3. Set by user

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797

-------- Ursprüngliche Nachricht --------Von: “cornelius.koelbel” <@cornelinux> Datum: 18.06.16 15:19 (GMT+01:00) An: jmdeking jmdekoning@gmail.com Betreff: AW: [privacyidea] Feature request: Initial pincode

Hi,
Where does the user authenticate with the otp?
Does he authenticate to the privacyidea webUI or to some applications?
In the webUI this could be implemented.When authenticating within another application this would still be possible but a bit more complicated.
The validate API could return a detail info, that the user needs to change his password or the token pin.
Kind regards Cornelius

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797