Andrew Maddison

Flowerchild.

Getting the RSA Software Key Working on Android or iPhone

I’ve just had a bit of a battle to get the RSA system Thoughtworks use working on my Android phone; this is a quick “what I did” post in case I ever have to do it again. One of my colleagues has just done the same thing on iPhone, and the experience is pretty much identical.
EDIT: Thanks to Satras in the comments below - EMC (who bought RSA) have published links to the Software Token Converter here:
  • First of all, I contacted IT and was sent the software Key as a .sdtid file.
  • I was a brand new RSA user, but if you already use RSA from a keyring or desktop computer, then you may skip the following: I followed the bog-standard Windows installation and setup process by following the standard instructions provided by RSA, including (importantly) setting a PIN. Roughly, this involved the following:
    • The Software was already installed on my box, but you might have to install it from here http://www.rsa.com/node.aspx?id=2521 (Link updated, 3rd Sep 2012)
    • Import the .sdtid file including adding a password (in this case my username - I think just to unlock the import file)
    • Log into your company’s SecurID page; ours is http://securid.thoughtworks.com/webauthentication (this requires you to add the vanilla code from your RSA software app, i.e. when the Windows app prompts for a PIN, leave it blank)
    • Set a PIN
    • Log into https://securid.thoughtworks.com/ again - this time using your newly created PIN in the Windows app. (I assume the PIN is simply hashed into the code if you enter one).
  • This then allowed me to fire up the Windows app, enter my PIN, and get an RSA code/hash/temp Password/thing.
Android easy bit…
  • Browse here: https://www.rsa.com/node.aspx?id=1081 then to the Android link.
  • Download the instructions, and on your phone follow the link (QR code) to the Android app in the marketplace. Download/install it.
Android tricky bit…
  • You have to get the key onto your Android phone somehow. After several false starts I realised you have to convert the token (.sdtid file) from XML into the “compressed token format”.
  • Download the Software Token converter from RSA; there’s a link from this page: https://www.rsa.com/node.aspx?id=1081 (You may need to register to get this)
  • Follow the instructions. In brief it’s a console app, and you need to pass it the file location (.sdtid), the password (my username in this case) and “-android”. For example:
    TokenConvert.exe c:\MyUserName.sdtid -iphone -p myUsername
    or
    TokenConvert.exe c:\MyUserName.sdtid -android -p myUsername
  • It then spits out an HTTP URI (Android) or a funny-looking iPhone protocol URI, right there in the console window.
  • Paste that URI into an email, and send it to an account you can read on your Android phone. You might need to make sure it is a link, not just text, in your source email client.
  • Back on your phone, open the email and click the link; this prompted me to open the link in the RSA app. If it doesn’t, I think you can copy/paste the link into the RSA app manually.
  • Some colleagues of mine who tried this recently have been re-prompted for their password at this point (in our case - our username).
  • The RSA app declared all was well.
  • I was then able to open the app on my phone, enter my PIN, and get one of the RSA number/key/things, which worked to log into the Thoughtworks secure sites. I haven’t tried it from home yet, but will report back if it doesn’t work.
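
The converted token travels by email in the steps above, so a copy of the URI stays in the sent and received folders after the import. The following is an added example, not part of the original post or any RSA tooling: it scans exported messages for leftover token URIs so they can be deleted. The two URI shapes in the pattern are assumptions about the converter's output (the post does not show them), and the sample messages are constructed.

```python
import email
import re
from email import policy

# Assumed URI shapes for the converter output (the post does not show them):
#   Android: http://127.0.0.1/securid/ctf?ctfData=<data>
#   iPhone:  com.rsa.securid.iphone://ctf?ctfData=<data>
TOKEN_URI = re.compile(
    r"(?P<prefix>http://127\.0\.0\.1/securid/ctf|com\.rsa\.securid\.iphone://ctf)"
    r"\?ctfData=(?P<data>[0-9A-Za-z%]+)"
)

# Constructed sample messages (not real tokens). The first is quoted-printable,
# so the URI is split by a soft line break and "=" is encoded as "=3D".
SAMPLES = {
    "sent-android.eml": (
        "Subject: token\n"
        "MIME-Version: 1.0\n"
        "Content-Type: text/plain; charset=utf-8\n"
        "Content-Transfer-Encoding: quoted-printable\n"
        "\n"
        "http://127.0.0.1/securid/ctf?ctfData=3D2000123456=\n"
        "7890123456\n"
    ),
    "sent-iphone.eml": "Subject: token\n\ncom.rsa.securid.iphone://ctf?ctfData=200099998888777766\n",
    "unrelated.eml": "Subject: lunch\n\nSee https://securid.thoughtworks.com/ for login.\n",
}

def body_text(raw):
    """Decode every text part so transfer encodings cannot hide a URI."""
    msg = email.message_from_string(raw, policy=policy.default)
    return "\n".join(p.get_content() for p in msg.walk()
                     if p.get_content_maintype() == "text")

def find_token_uris(messages):
    """Return (name, platform, redacted URI) for each token URI found."""
    findings = []
    for name, raw in messages.items():
        for m in TOKEN_URI.finditer(body_text(raw)):
            platform = "iphone" if m["prefix"].startswith("com.rsa") else "android"
            redacted = f"{m['prefix']}?ctfData=[redacted, {len(m['data'])} chars]"
            findings.append((name, platform, redacted))
    return findings

if __name__ == "__main__":
    for finding in find_token_uris(SAMPLES):
        print(*finding, sep="  ")
```

The token data is redacted in the report so the scan output does not become another copy of the token.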
