DigiCert KnowledgeBase - Technical Support-hero

Knowledge Base

Initialize a SafeNet eToken 5110+ FIPS

Solution ID : SO300523214115
Last Modified : 07/13/2024

Scenario

The token uses various passwords for authentication. If an Administrator Password is entered incorrectly 5 times, the eToken locks permanently.

Prevent email tampering and phishing with a DigiCert S/Mime certificate.

Solution

Before you begin:

  • Get your DigiCert provided 5110+ FIPS eToken.
  • Install the SafeNet Authentication Drivers.
  • Get a copy of your eToken’s Administrator Password, available in CertCentral on your code signing certificate order page.
  • Get a secure password manager.

Important
: This process will require various passwords, and incorrectly entering a password or losing a password can permanently disable your eToken. We recommend using a secure password manager to track the passwords used for initializing your eToken.

Passwords 101

The 5110+ FIPS uses the following passwords:

  • Administrator Password: Used to manage the eToken. If lost, you are permanently locked out of the eToken and you must purchase a new one. This password is the default on the device and ships as 48 "0"s (000000000000000000000000000000000000000000000000).
  • Token Password: Used to access the eToken certificate store. If lost, you can reset the eToken and install a new certificate. The shipped Token password is provided in the CertCentral portal and should be changed once the token is received. If the token was recently re-initialized and has an empty keystore, the default password is 1234567890.

 

Minimum Password Requirements:

  • Your password should contain at least 8 characters.
  • Your password should include both upper-case characters and lower-case characters as well as numerals and special characters (for example: !, $, %, #).
  • The minimum password length and character requirements apply to both the Token password and the Administrator password.
 
Warning: The eToken uses various passwords for authentication. If an Administrator Password is entered incorrectly 5 times, the eToken is permanently locked. If the eToken has been inititalized with our DigiCert Hardware Certificate Installer tool while adding a certificate then the eToken will be permanently locked after 10 incorrect times. 


Process:

  1. Open the SafeNet Authentication Client, connect the eToken to your computer, and confirm that the client recognizes the eToken.
    Note: What do I do if it doesn’t recognize my eToken?   





  2. On the top, right-click the cog icon (Configuration button). You should now see the eToken listed on the left side.
  3. Right-click on the eToken name and click “Initialize Token”.  




  4. In the Initialize Token – Initializing Options window, select “Preserve the token settings and policies" and click Next.  




  5. In the Initialize Token - Administrator Logon window, enter the current Administrator Password (screenshot shown in step 6).
    Note: The Default Administrator password is "0" typed out 48 times (see above). This is not changed by DigiCert.  





  6. In the Initialize Token – Password Settings window, create new passwords.
    1. Create Token Password.
      Enter and confirm a new token password. This password is used to access the token certificate store.
      Note: If you lose this password, you can use the administrator password to reset the token and install a new certificate.
    2. Uncheck Token password must be changed on first logon.
    3. Create an Administrator Password.
      Create and confirm a new administrator password. This password is used to manage the eToken. We recommend that you use the default password.
      This will not grant access to the certificate store.
      Note: If you lose this password, new certificates may not be imported. You must purchase a new token.
    4. Click Next.  




  7. Save your passwords in a secure place, such as a password manager.
  8. Your eToken is initialized. You may now use the DigiCert Hardware Certificate Installer to install your code signing certificate on it. You can also import certificates as needed.  





Troubleshooting

  1. Token appears as "SafeNet Token JC 0"
    The token has been permanently disabled due to incorrect password attempts. Please contact our support team if you need to order a new eToken.  





  2. Lost your Administrator password?
    The administrator password is required to reset the device and is unrecoverable. Please contact our support team if you need to order a new eToken. The default password can be found above.

  3. Lost your Token password?
    The Token password is used to access the eToken certificate store. If lost, you can reset the eToken if you have the administrator password by following this guide and then using the DigiCert Certificate Hardware Installer.
     
Important to note: Once a password has been set, it cannot be seen or retrieved by anyone other than the individual who set it.