Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Super Bronze

Unity Sub Sign-In Re-Authentication..

Hi

On Unity 4.2, if a user enters an incorrect PIN when dialling from their own extension they are re-prompted for both the userID and PIN.

The first attempt when hitting the VM button just prompts for PIN.

Users aren't listening to the whole prompt and try to enter their PIN again causing some confusion.

Does anyone know of a way to alter this behaviour? I.e. setting the system to only require the PIN after an inital authentication failure?

Thanks

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Unity Sub Sign-In Re-Authentication..

There's no setting to change this - the behavior was changed between 4.1 and 4.2 after a number of security audits across multiple products (the security team swings a big stick). One of the items was revealing that an outside caller had hit upon a valid ID - as such the behavior is that both the ID and the PIN are collected and validated as a pair - the user is not supposed to be able to figure out if the ID is valid or not when "cold calling" into the auto attendant.

When calling from a known extension (i.e. one assigned as a primary or alternate for a subscriber) the original ID input is skipped - but the failure path is the same for all calls regardless of source.

There's no configuration option or setting that alters this path at the moment. I believe the 5.0 team was looking at an option of "remembering" that the original call had called from a known extension and to provide an option to just reenter the PIN in that case, but I'm not sure if that made the list or not - best to ping your account team to pitch for it, I know a few folks have noted the behavior.

2 REPLIES
Cisco Employee

Re: Unity Sub Sign-In Re-Authentication..

There's no setting to change this - the behavior was changed between 4.1 and 4.2 after a number of security audits across multiple products (the security team swings a big stick). One of the items was revealing that an outside caller had hit upon a valid ID - as such the behavior is that both the ID and the PIN are collected and validated as a pair - the user is not supposed to be able to figure out if the ID is valid or not when "cold calling" into the auto attendant.

When calling from a known extension (i.e. one assigned as a primary or alternate for a subscriber) the original ID input is skipped - but the failure path is the same for all calls regardless of source.

There's no configuration option or setting that alters this path at the moment. I believe the 5.0 team was looking at an option of "remembering" that the original call had called from a known extension and to provide an option to just reenter the PIN in that case, but I'm not sure if that made the list or not - best to ping your account team to pitch for it, I know a few folks have noted the behavior.

Super Bronze

Re: Unity Sub Sign-In Re-Authentication..

Thanks Jeff.

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
138
Views
0
Helpful
2
Replies
CreatePlease to create content